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China’s  Military  Modernization  and 
Cyber  Activities 

Testimony  of  Dr.  Larry  M.Wortzel  before  the 
House  Armed  Services  Committee 


As  a  member  of  the  US-China  Economic  and  Security  Review  Com¬ 
mission,  I  will  present  some  of  the  commission’s  findings  on  China’s 
military  modernization,  US-China  security  relations,  and  China’s  cyber 
activities  from  the  2013  Annual  Report  to  Congress }  The  views  I  present 
today,  however,  are  my  own.  I  want  to  acknowledge  the  fine  work  of  our 
staff  in  preparing  the  annual  report  and  especially  the  excellent  research 
of  our  foreign  policy  and  security  staff  in  helping  to  prepare  this  testimony. 

China’s  Military  Modernization 

China’s  military,  the  People’s  Liberation  Army  (PLA),  is  undergoing 
an  extensive  modernization  program  that  presents  significant  challenges 
to  US  security  interests  in  Asia.  This  modernization  includes  creating  a 
surveillance  and  strike  architecture  that  supports  operations  at  longer 
distances  away  from  China’s  coast.  It  makes  the  PLA  a  more  formidable 
force  in  all  the  dimensions  of  war:  air,  space,  land,  sea,  and  in  the  electro¬ 
magnetic  spectrum.  The  PLA  has  new,  multimission-capable  combat 
ships,  aircraft,  submarines,  and  new  generations  of  missiles. 

Lirst  and  foremost,  major  elements  of  this  program — such  as  the  DL-21D 
antiship  ballistic  missile  and  increasing  numbers  of  advanced  sub¬ 
marines  armed  with  antiship  cruise  missiles — are  designed  to  restrict  US 
freedom  of  action  throughout  the  Western  Pacific.  The  PLA  is  rapidly 
expanding  and  diversifying  its  ability  to  conduct  conventional  strikes 
against  US  and  allied  bases,  ships,  and  aircraft  throughout  the  region, 
including  those  that  it  previously  could  not  reach  with  conventional 
weapons,  such  as  US  military  facilities  on  Guam.  As  the  PLA’s  anti-access/ 
area-denial  capabilities  mature,  the  costs  and  risks  to  the  United  States 
for  intervention  in  a  potential  regional  conflict  involving  China  will 
increase.2  The  Chinese  military,  of  course,  sensitive  to  nineteenth  and 
twentieth  century  history,  thinks  of  these  actions  as  counterintervention 
strategies  designed  to  prevent  foreign  militaries  from  intervening  in 
China’s  sovereign  affairs  or  territory. 
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Furthermore,  the  PLA’s  rapidly  advancing  regional  power  projection 
capabilities  enhance  Beijing’s  ability  to  use  force  against  Taiwan,  Japan, 
and  rival  claimants  in  the  South  China  Sea.  More  seriously,  because  China’s 
military  doctrine  emphasizes  preemptive  attacks,  it  raises  the  stakes  in  any 
crisis.  Many  potential  security  scenarios  could  require  the  US  military  to 
defend  US  regional  allies  and  partners  as  well  as  maintain  open  and  secure 
access  to  the  air  and  maritime  commons  in  the  Western  Pacific. 

At  the  same  time,  rising  unease  over  both  China’s  expanding  capa¬ 
bilities  and  increasing  assertiveness  is  driving  US  allies  and  partners  in 
Asia  to  improve  their  own  military  forces  and  strengthen  their  security 
relationships  with  each  other.  These  trends  could  support  US  interests  in 
Asia  by  lightening  Washington’s  operational  responsibilities  in  the  region. 
On  the  other  hand,  if  China’s  neighbors  pursue  military  capabilities  that 
could  be  used  offensively  or  preemptively  due  to  the  perception  that  the 
United  States  will  be  unable  to  follow  through  on  its  commitment  to 
the  rebalance  to  Asia,  this  could  undermine  US  interests  in  the  region. 

In  the  commission’s  2013  annual  report  we  discuss  the  following  main 
developments  in  China’s  military  modernization: 

Navy 

Aircraft  Carriers.  Since  commissioning  its  first  aircraft  carrier,  the 
Liaoning,  in  September  2012,  China  continues  to  develop  a  fixed-wing 
carrier  aviation  capability,  which  is  necessary  for  the  carrier  to  carry 
out  air  defense  and  offensive  strike  missions.  The  Liaoning  is  a  former 
Russian  aircraft  carrier  purchased  from  the  Ukraine.  It  was  refitted  and 
modernized  in  China.  The  PLA  Navy  conducted  its  first  successful 
carrier-based  takeoff  and  landing  with  the  Jian-15  ( J - 1 5 )  in  November 
2012,  certified  its  first  group  of  aircraft  carrier  pilots  and  landing 
signal  officers  on  the  carrier’s  first  operational  deployment  from  June  to 
July  2013,  and  verified  the  flight  deck  operations  process  in  September 
2013. 3  The  Liaoning  will  continue  to  conduct  short  deployments  and 
shipboard  aviation  training  until  2015  to  2016,  when  China’s  first  J-15 
regiment  is  expected  to  become  operational.  The  J-15  is  a  Chinese  copy 
of  the  Russian  Su-33.  China  likely  intends  to  follow  the  Liaoning  with 
at  least  two  domestically  produced  hulls.  The  first  of  these  appears  to  be 
under  construction  and  could  become  operational  before  2020. 

Submarine-Launched  Ballistic  Missiles.  China’s  Julang-2  (JL-2) 
submarine-launched  ballistic  missile  is  expected  to  reach  initial  opera¬ 
tional  capability  very  soon.4  The  missile  has  been  under  development 
for  a  number  of  years,  which  shows  that  Chinese  military  industries  still 
have  some  problems  in  developing  and  fielding  new  systems.  The  JL-2, 
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when  mated  with  the  PLA  Navy’s  Jin-class  nuclear  ballistic  missile  sub¬ 
marine  (SSBN),  will  give  China  its  first  credible  sea-based  nuclear  deterrent. 
The  Jin  SSBN/JL-2  weapon  system  will  have  a  range  of  approximately 
4,000  nautical  miles,  allowing  the  PLA  Navy  to  target  the  continental 
United  States  from  China’s  littoral  waters.5  China  has  deployed  three  Jin 
SSBNs  and  probably  will  field  two  additional  units  by  2020. 6 

Sea-Based  Land  Attack  Capability.  China  currently  does  not  have 
the  ability  to  strike  land  targets  with  sea-based  cruise  missiles.  However, 
the  PLA  Navy  is  developing  a  land  attack  capability,  likely  for  its  Type-095 
guided-missile  attack  submarine  and  Luyang  III  guided-missile  destroyer. 
Modern  submarines  and  surface  combatants  armed  with  land  attack 
cruise  missiles  (LACM)  will  complement  the  PLA’s  growing  inventory 
of  air-  and  ground-based  LACMs  and  ballistic  missiles,  enhancing  Beijing’s 
flexibility  for  attacking  land  targets  throughout  the  Western  Pacific,  in¬ 
cluding  US  facilities  in  Guam.7 

Shipbuilding.  The  PLA  Navy  continues  to  steadily  increase  its  inven¬ 
tory  of  modern  submarines  and  surface  combatants.  China  is  known  to 
be  building  seven  classes  of  ships  simultaneously  but  may  be  construct¬ 
ing  additional  classes.8  Trends  in  China’s  defense  spending,  research  and 
development,  and  shipbuilding  suggest  the  PLA  Navy  will  continue  to 
modernize.  By  2020,  China  could  have  approximately  60  submarines 
that  are  able  to  employ  submarine-launched  intercontinental  ballistic 
missiles,  torpedoes,  mines,  or  antiship  cruise  missiles.  China’s  surface 
combat  force  also  has  modernized  and  expanded  with  approximately  75 
surface  combatants  that  are  able  to  conduct  multiple  missions  or  that 
have  been  extensively  upgraded  since  1992. 9  The  combat  fleets  are  sup¬ 
ported  by  a  combat  logistics  force  that  can  conduct  underway  replen¬ 
ishment  and  limited  repairs.  All  of  these  ships  will  be  equipped  to  take 
advantage  of  a  networked,  redundant  command,  control,  communica¬ 
tions,  computer,  intelligence,  surveillance,  and  reconnaissance  system 
(C4ISR)  fielded  by  the  PLA. 

Attack  Submarines.  China  has  a  formidable  force  of  63  diesel-electric 
and  nuclear  attack  submarines.10  They  are  equipped  with  nuclear  and 
conventional  torpedoes  and  mines  as  well  as  antiship  cruise  missiles.11 
In  2012,  China  began  building  four  “improved  variants”  of  its  Sbang- 
class  nuclear  attack  submarine.  China  also  continues  production  of  the 
Yuan- class  diesel-electric  submarine — some  of  which  will  include  an 
air-independent  propulsion  system  that  allows  for  extended  duration 
operations — and  the  Jin- class  SSBN.  Furthermore,  China  is  developing 
two  new  classes  of  nuclear  submarines  and  may  jointly  design  and  build 
four  advanced  diesel-electric  submarines  with  Russia.12  China’s  growing 
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submarine  inventory  will  significantly  enhance  China’s  ability  to  strike 
opposing  surface  ships  throughout  the  Western  Pacific  and  to  protect 
future  nuclear  deterrent  patrols  and  aircraft  carrier  task  groups.13 

Air  Force 

Fighter  Aircraft.  China  also  is  developing  two  next-generation  fighters, 
the  J-20  and  the  J-31,  which  could  feature  low  observability  and  active 
electronically  scanned  array  radar.14  The  PLA  Air  Force  conducted  the 
first  test  flights  of  the  J -20  and  J-31  in  January  2011  and  October  2012, 
respectively.15  These  aircraft  will  strengthen  China’s  ability  to  project 
power  and  gain  and  maintain  air  superiority  in  a  regional  conflict. 

Cargo  Transport  Aircraft.  In  January  2013,  China  conducted  the 
first  test  flight  of  its  indigenously  developed  cargo  transport  aircraft,  the 
Yun-20  (Y-20).  China  previously  was  unable  to  build  heavy  transport 
aircraft,  so  it  has  relied  on  a  small  number  of  Russian  Ilyushin-76  (IL-76) 
aircraft  for  strategic  airlift  since  the  1990s.  Aircraft  specifications  pro¬ 
vided  by  official  Chinese  media  indicate  the  Y-20  can  carry  about  twice 
the  cargo  load  of  the  IL-76  and  about  three  times  the  cargo  load  of  the 
US  C- 130. 16  The  Y-20  will  enhance  the  PLA’s  ability  to  respond  to 
internal  security  crises  and  border  contingencies,  support  military  inter¬ 
national  peacekeeping  and  humanitarian  assistance  operations,  and  project 
power  in  a  regional  conflict.17  The  larger  aircraft  and  expanded  fleet  will 
enhance  the  PLA’s  capability  to  employ  the  15th  Airborne  Army,  part  of 
the  PLA  Air  Force. 

LACM-Capable  Bomber  Aircraft.  In  June  2013,  the  PLA  Air  Force 
began  to  receive  new  Hongzha-6K  (H-6K)  bomber  aircraft.  The  H-6K, 
an  improved  variant  of  the  H-6  (originally  adapted  from  a  late- 1950s 
Soviet  design),  has  extended  range  of  around  2,400  to  3,100  miles  and 
can  carry  China’s  new  long-range  LACM,  the  CJ-10.  The  CJ-10  has 
a  range  of  around  900  to  1,200  miles.18  The  bomber/LACM  weapon 
system  provides  the  PLA  Air  Force  with  the  ability  to  conduct  conven¬ 
tional  strikes  against  regional  targets  throughout  the  Western  Pacific, 
including  US  facilities  in  Guam.19  Although  the  H-6K  airframe  could 
be  modified  to  carry  a  nuclear-tipped  air-launched  LACM,  and  China’s 
LACMs  likely  have  the  ability  to  carry  a  nuclear  warhead,  there  is  no 
evidence  to  confirm  China  is  deploying  nuclear  warheads  on  any  of  its 
air-launched  LACMs.20  The  H-6K  also  may  be  able  to  carry  supersonic 
antiship  cruise  missiles.21 
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Space  and  Counterspace 

In  May  2013,  China  fired  a  rocket  into  nearly  geosynchronous  Earth 
orbit,  marking  the  highest  known  suborbital  launch  since  the  US  Gravity 
Probe  A  in  1976  and  China’s  highest  known  suborbital  launch  to  date. 
Although  Beijing  claims  the  launch  was  part  of  a  high-altitude  scientific 
experiment,  available  data  suggest  China  was  testing  the  launch  vehicle 
component  of  a  new  high-altitude  antisatellite  (ASAT)  capability.22  If  true, 
such  a  test  would  signal  China’s  intent  to  develop  an  ASAT  capability  to 
target  satellites  in  an  altitude  range  that  includes  the  US  global  position¬ 
ing  system  (GPS)  and  many  US  military  and  intelligence  satellites.  In  a 
potential  conflict,  this  capability  could  allow  China  to  threaten  the  US 
military’s  ability  to  detect  foreign  missiles  and  provide  secure  communi¬ 
cations,  navigation,  and  precision  missile  guidance. 

Furthermore,  in  September  2013,  China  launched  a  satellite  into 
space  from  the  Jiuquan  Satellite  Launch  Center  in  western  China.  Our 
annual  report  cites  commentary  from  Gregory  Kulacki  of  the  Union 
of  Concerned  Scientists,  who  believes  that  this  launch  may  represent 
a  capacity  to  launch  new  satellites  in  the  event  China  suffers  losses  in 
space  from  space  combat.23 

China  also  has  improved  its  ballistic  missile  defense  capabilities  by 
fielding  the  Russian-made  SA-20B  surface-to-air  missile  (SAM)  system.  In 
some  cases,  China’s  domestically  produced  CSA-9  SAM  system  should 
also  be  capable  of  intercepting  ballistic  missiles.24 

On  27  December  2012,  China  announced  its  Beidou  regional  satel¬ 
lite  navigation  system  is  fully  operational  and  available  for  commercial 
use.  Using  16  satellites  and  a  network  of  ground  stations,  Beidou  pro¬ 
vides  subscribers  in  Asia  with  24-hour  precision  navigation  and  timing 
services.25  China  plans  to  expand  Beidou  into  a  global  satellite  naviga¬ 
tion  system  by  2020. 26  Beidou  is  a  critical  part  of  China’s  stated  goal  to 
prepare  for  fighting  wars  under  “informationized  conditions,”  which  in¬ 
cludes  a  heavy  emphasis  on  developing  the  PLA’s  C4ISR  and  electronic 
warfare  capabilities.  The  PLA  is  integrating  Beidou  into  its  systems  to 
improve  its  command  and  control  and  long-range  precision  strike  capabili¬ 
ties  and  reduce  the  PLA’s  reliance  on  foreign  precision  navigation  and 
timing  services  such  as  GPS.27 

Strategic  Intercontinental  Ballistic  Missiles 

China  is  enhancing  its  nuclear  deterrent  capability  by  modernizing 
its  nuclear  force.  It  is  taking  measures  such  as  developing  a  new  road- 
mobile  intercontinental  ballistic  missile  (ICBM),  the  DF-41.  This  missile 
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could  be  equipped  with  a  multiple  independently  targetable  reentry 
vehicle  (MIRY),  allowing  it  to  carry  as  many  as  10  nuclear  warheads.28 
In  addition  to  MIRVs,  China  could  also  equip  its  ballistic  missiles  with 
penetration  aids  and  may  be  developing  the  capability  to  transport 
ICBMs  by  train.29  Furthermore,  according  to  the  DoD’s  2011  report 
to  Congress  on  China’s  military,  the  PLA  “has  developed  and  utilized 
[underground  facilities]  since  deploying  its  oldest  liquid-fueled  missile 
systems  and  continues  to  utilize  them  to  protect  and  conceal  their  newest 
and  most  modern  solid-fueled  mobile  missiles.”30 

Defense  Spending 

To  support  its  military  modernization,  China  continued  to  increase 
defense  spending  in  2013.  In  March,  China  announced  its  official  defense 
budget  for  2013  rose  10.7  percent  in  nominal  terms  to  $1 17.39  billion, 
signaling  the  new  leadership’s  support  for  the  PLA’s  ongoing  moderniza¬ 
tion  efforts.  This  figure  represents  5.3  percent  of  total  government  out¬ 
lays  and  approximately  1.3  percent  of  estimated  gross  domestic  product 
(GDP).31  China’s  official  annual  defense  budget  now  has  increased  for 
22  consecutive  years  and  more  than  doubled  since  2006.  Most  Western 
analysts  agree  Beijing  likely  will  retain  the  ability — even  with  slower 
growth  rates  of  its  GDP  and  government  revenue — to  fund  its  ongoing 
military  modernization.32 

It  is  difficult  to  estimate  China’s  actual  defense  spending  due  to  the 
uncertainty  involved  in  determining  how  China’s  purchasing  power  parity 
affects  the  cost  of  China’s  foreign  military  purchases  and  domestic  goods 
and  services,  as  well  as  Beijing’s  omission  of  major  defense-related  expendi¬ 
tures.  Some  purchases  of  advanced  weapons,  research  and  development 
programs,  domestic  security  spending,  and  local  government  support  to 
the  PLA  are  not  included  in  China’s  official  figures  on  defense  spending. 
The  Institute  of  International  Strategic  Studies  assesses  China’s  actual 
defense  spending  is  40  to  50  percent  higher  than  the  official  figure.33 
The  US  Department  of  Defense  estimated  China’s  actual  defense  spend¬ 
ing  in  2012  fell  between  $135  and  $215  billion,  or  approximately  20  to 
90  percent  higher  than  its  announced  defense  budget.34 

US-China  Security  Relations 

US-China  military-to-military  relations  deepened  and  expanded  in 
2013  after  several  years  of  setbacks.  From  2012  to  2013,  the  number 
of  US-China  military-to-military  contacts  more  than  doubled  from 
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approximately  20  to  40. 35  In  particular,  contact  between  the  US  Navy 
and  the  PLA  Navy  increased  significantly  during  this  time  frame.  Key 
military-to-military  contacts  in  2013  included  the  first  port  visit  by  a 
US  Navy  ship  to  China  since  2009,  the  first  port  visit  by  a  Chinese 
ship  to  the  United  States  since  2006,  and  the  second  ever  US-China 
counterpiracy  exercise.  Additionally,  China  in  March  2013  accepted  the 
invitation,  first  extended  by  then  Secretary  of  Defense  Leon  Panetta  in 
September  2012,  to  participate  in  the  US-led  multilateral  Rim  of  the 
Pacific  Exercise  near  Hawaii  in  20 14. 36 

The  DoD  contends  that  a  strong  military-to-military  relationship 
develops  familiarity  at  the  operational  level.  The  department  argues  that 
this  reduces  the  risk  of  conflict  through  accidents  and  miscalculations, 
builds  lines  of  communication  at  the  strategic  level  that  could  be  im¬ 
portant  during  a  crisis,  contributes  to  better  overall  bilateral  relations, 
and  creates  opportunities  to  obtain  greater  contributions  from  China  to 
international  security.  US  Pacific  Command  commander  ADM  Samuel 
Locklear  in  July  2013  said,  “The  progress  that  were  making  between  our 
two  militaries  is  quite  commendable  .  . .  because  we  are  able  to  have  very 
good  dialogue  on  areas  where  we  converge,  and  there  are  a  lot  of  places 
where  we  converge  as  two  nations,  and  were  also  able  to  directly  address 
in  a  matter-of-fact  way  where  we  diverge.”37 

There  have  been  eight  rounds  of  strategic  dialogue  between  China 
and  the  United  States,  currently  managed  by  the  Pacific  Forum-CSIS. 
This  is  a  Track  1.5  dialogue  that  involves  some  representatives  from  the 
US  government  in  attendance,  but  virtually  all  Chinese  participants  are 
from  some  part  of  their  government.  The  past  several  rounds  of  the  dia¬ 
logue  have  dealt  with  some  of  the  most  important  strategic  issues  facing 
China  and  the  United  States,  including  nuclear  strategic  stability;  the 
relationship  between  cyber  attacks,  space  warfare,  and  nuclear  stability; 
ballistic  missile  defense;  and  strategic  early  warning.  Officers  from  China’s 
strategic  missile  forces  have  been  in  attendance  at  the  dialogue.  I  see  this 
as  one  of  the  most  productive  dialogues  taking  place  with  China.  The 
PLA  is  an  active  participant.  Ideally  such  discussions  should  be  direct, 
government-to-government  talks,  but  it  is  encouraging  that  the  PLA 
and  the  Chinese  Foreign  Ministry  are  engaged  on  these  matters. 

In  another  positive  development,  in  mid-November,  the  US  Army  and 
the  PLA  ground  forces  conducted  their  first  ever  field  exercise  together. 
The  exercise  was  focused  on  disaster  relief  and  took  place  in  Hawaii.38 

My  own  experience  in  direct  military-to-military  contacts  with  China 
leads  me  to  advise  caution  in  what  we  do  with  the  PLA  and  what  we 
show  them.  In  my  opinion,  the  wise  limitations  placed  by  Congress  on 
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military  exchanges  with  China  in  the  National  Defense  Authorization 
Act  (NDAA)  of  2000  should  not  be  lifted.  The  commission’s  annual 
report  also  reflects  this  sentiment.  Military-to-military  contacts  with 
China  require  careful  oversight  to  ensure  that  the  United  States  does 
not  improve  China’s  capability  against  our  own  forces,  Taiwan,  or  our 
friends  and  allies  in  the  Asia-Pacific  region. 

Enhanced  military-to-military  contacts  between  China  and  the  United 
States  in  2013  took  place  in  the  context  of  China’s  efforts  to  rebrand  the 
bilateral  relationship  as  a  “new  type  of  major-country  relationship.”  This 
concept,  promoted  heavily  in  2013  by  Chinese  President  Xi  Jinping  and 
other  high-level  Chinese  officials,  posits  the  United  States  and  China 
should,  as  two  major  powers,  seek  to  cooperate  on  a  range  of  bilateral 
and  global  issues  while  avoiding  the  kind  of  harmful  competition  that 
often  characterizes  relationships  between  dominant  powers  and  rising 
ones.39  Cooperation  is  a  good  thing,  but  US  military  leaders  cannot  lose 
sight  of  the  PLA’s  record  on  human  rights.  This  dictates  practical  limita¬ 
tions  on  what  we  do  with  China’s  armed  forces.  The  principal  mission 
of  China’s  military  is  to  keep  the  Chinese  Communist  Party  (CCP)  in 
power,  as  we  saw  in  the  way  that  the  PLA  was  used  during  the  4  June 
1989  Tiananmen  Massacre  and  in  Tibet. 

China’s  Cyber  Activities 

While  China  continues  to  develop  its  navy,  air  force,  missile  forces, 
and  space  and  counterspace  capabilities,  in  Chinese  military  writings, 
cyberspace  is  an  increasingly  important  component  of  China’s  compre¬ 
hensive  national  power  and  a  critical  element  of  its  strategic  competition 
with  the  United  States.40  Beijing  seems  to  recognize  that  the  United 
States’  current  advantages  in  cyberspace  are  allowing  Washington  to  collect 
intelligence,  exercise  command  and  control  of  military  forces,  and  sup¬ 
port  military  operations.  At  the  same  time,  China’s  leaders  fear  that 
the  United  States  may  use  the  open  Internet  and  cyber  operations  to 
threaten  the  CCP’s  legitimacy. 

Since  the  commission’s  2012  Annual  Report  to  Congress,  strong  evi¬ 
dence  has  emerged  that  the  Chinese  government  is  directing  and  executing 
a  large-scale  cyber  espionage  campaign  against  the  United  States.  China 
to  date  has  compromised  a  range  of  US  networks,  including  those  of 
DoD  and  private  enterprises.  These  activities  are  designed  to  achieve  a 
number  of  broad  security,  political,  and  economic  objectives. 

There  are  no  indications  the  public  exposure  of  Chinese  cyber  espio¬ 
nage  in  technical  detail  throughout  2013  has  led  China  to  change  its 
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attitude  toward  the  use  of  cyber  espionage  to  steal  intellectual  property  and 
proprietary  information.  The  report  by  Mandiant,  a  US  private  cyber¬ 
security  firm,  about  the  cyber  espionage  activities  of  PLA  Unit  61398 
merely  led  the  unit  to  make  changes  to  its  cyber  “tools  and  infrastruc¬ 
ture”  to  make  future  intrusions  harder  to  detect  and  attribute.41  There 
are  about  16  technical  reconnaissance  (signals  intelligence)  units  and 
bureaus  in  the  PLA  and  at  least  seven  electronic  warfare  and  electronic 
countermeasures  units.42  Each  of  China’s  seven  military  regions  is  sup¬ 
ported  by  an  electronic  countermeasures  regiment,  and  it  looks  like  the 
PLA  Second  Artillery  Force  has  its  own  supporting  unit.43  These  or¬ 
ganizations  focus  on  cyber  penetrations,  cyber  espionage,  and  elec¬ 
tronic  warfare. 

When  confronted  with  public  accusations  from  the  United  States  about 
its  cyber  espionage,  Beijing  usually  attempts  to  refute  evidence  by  point¬ 
ing  to  the  anonymity  of  cyberspace  and  the  lack  of  verifiable  technical 
forensic  data.  It  also  shifts  the  media  focus  by  portraying  itself  as  the 
victim  of  Washingtons  cyber  activities  and  calling  for  greater  international 
cooperation  on  cyber  security.44  In  a  press  conference  on  the  day  after 
Mandiant  released  its  report  in  February  2013,  a  spokesperson  for  China’s 
Ministry  of  Foreign  Affairs  said,  “Groundless  speculation  and  accusations 
regarding  hacker  attacks,  for  various  purposes,  is  both  unprofessional  and 
irresponsible  and  it  is  not  helpful  for  solving  the  problem.”  He  also  em¬ 
phasized  cyber  attacks  are  a  serious  problem  for  China.45 

However,  a  number  of  public  US  government  reports,  admissions  by 
private  companies  that  they  have  been  the  target  of  cyber  espionage, 
investigations  by  cyber-security  firms,  and  US  press  reporting  contra¬ 
dict  Beijing’s  long-standing  denials.  While  attribution  is  difficult  and 
takes  great  skill,  trend  analysis  is  allowing  cyber-security  professionals  to 
develop  a  more  comprehensive  understanding  of  Chinese  cyber  actors, 
tools,  tactics,  techniques,  and  procedures. 

Threats  to  US  National  Security 

China’s  cyber  espionage  against  the  US  government  and  defense  indus¬ 
trial  base  poses  a  major  threat  to  US  military  operations,  the  security  and 
well-being  of  US  military  personnel,  the  effectiveness  of  equipment,  and 
readiness.  China  apparently  uses  these  intrusions  to  fill  gaps  in  its  own 
research  programs,  map  future  targets,  gather  intelligence  on  US  strategies 
and  plans,  enable  future  military  operations,  shorten  research  and  develop¬ 
ment  (R&D)  timelines  for  military  technologies,  and  identify  vulner¬ 
abilities  in  US  systems  and  develop  countermeasures.46 
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Military  doctrine  in  China  also  calls  for  attacks  on  the  critical  infra¬ 
structure  of  an  opponent’s  homeland  in  case  of  conflict.  In  July  2013,  a 
threat  researcher  at  Trend  Micro,  a  private  Japanese  cyber-security  firm, 
claimed  he  had  detected  a  Chinese  cyber  intrusion,  commencing  in  De¬ 
cember  2012,  of  a  honeypot.47  He  had  created  the  honeypot  to  resemble 
the  industrial  control  system  of  a  water  plant  in  the  United  States.  The 
researcher  attributed  the  intrusion  to  Unit  61398,  based  on  forensic 
analysis.48  If  true,  this  suggests  Unit  61398  is  collecting  intelligence  on 
critical  infrastructure  in  addition  to  other  targets.  Such  activities  are  con¬ 
sistent  with  PLA  doctrine,  which  explains  that  one  function  of  wartime 
computer  network  operations  is  to  “disrupt  and  damage  the  networks  of 
[an  adversary’s]  infrastructure  facilities,  such  as  power  systems,  telecom¬ 
munications  systems,  and  educational  systems.”49 

A  number  of  instances  of  Chinese  cyber  espionage  targeting  US  na¬ 
tional  security  programs  have  been  identified  in  recent  years.  In  May 
2013,  the  'Washington  Post  described  a  classified  report  by  the  Defense 
Science  Board,  which  lists  more  than  24  US  weapon  system  designs 
the  board  determined  were  accessed  by  cyber  intruders.  The  Washington 
Post  reported,  “Senior  military  and  industry  officials  with  knowledge 
of  the  breaches  said  the  vast  majority  were  part  of  a  widening  Chinese 
campaign  of  espionage  against  U.S.  defense  contractors  and  government 
agencies.”  The  list  includes  the  Patriot  missile  system,  Aegis  ballistic  mis¬ 
sile  defense  system,  the  F/A-18  fighter,  the  V-22  Osprey  multirole  com¬ 
bat  aircraft,  and  the  Littoral  Combat  Ship.50 

Information  gained  from  intrusions  into  the  networks  of  US  military 
contractors  likely  improves  China’s  insight  into  US  weapon  systems, 
enables  China’s  development  of  countermeasures,  and  shortens  China’s 
research  and  development  timelines  for  military  technologies.51  In  ad¬ 
dition,  the  same  intrusions  Chinese  cyber  actors  use  for  espionage  also 
could  be  used  to  prepare  for  offensive  cyber  operations.  Chinese  cyber 
actors  could  place  latent  capabilities  in  US  software  code  or  hardware 
components  that  might  be  employed  in  a  potential  conflict  between  the 
United  States  and  China. 

There  has  been  concern  in  recent  years  about  security  risks  to  the 
DoD’s  supply  chain.  In  a  meeting  in  May  2013,  commissioners  and 
DoD  officials  discussed  the  department’s  interpretation  of  US  law  re¬ 
garding  procurement  sources.  DoD  officials  indicated  a  stricter  procure¬ 
ment  evaluation  standard  that  includes  sourcing  concerns  could  be 
applied  only  to  items  on  the  United  States  Munitions  List.  Items 
outside  this  list  are  judged  by  a  different  standard,  which  some  officials 
believe  might  preclude  concerns  about  the  origin  of  products.  For 
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example,  items  procured  for  C4ISR  maintenance  facilities  are  not  sub¬ 
ject  to  stricter  scrutiny.  Commissioners  raised  concerns  that  this  inter¬ 
pretation  of  the  law  was  limiting  the  department’s  ability  to  address 
potential  risks  arising  from  certain  procurement  sources.  Commissioners 
urged  the  DoD  to  expand  the  purview  of  the  stricter  standard  to  items 
beyond  the  munitions  list. 

The  DoD  is  currently  moving  in  this  direction.  Section  806  of  the 
NDAA  for  Fiscal  Year  2011  (Public  Law  111-383),  is  intended  to  ad¬ 
dress  the  problem,  but  it  has  yet  to  be  fully  implemented.  Section  806 
authorizes  the  secretary  of  defense  and  the  secretaries  of  the  Army,  Navy, 
and  Air  Force  to  reject  procurement  sources  for  information  technology 
on  grounds  of  protecting  supply  chain  security  if  they  receive  a  recom¬ 
mendation  to  do  so  from  the  DoD.52  The  department  is  in  the  process 
of  implementing  Section  806,  having  conducted  tabletop  exercises  and 
written  the  Defense  Federal  Acquisition  Regulation  Supplement  Rule 
implementing  Section  806.  As  of  May  the  rule  was  undergoing  inter¬ 
agency  coordination.53  These  changes  to  DoD  procurement  ultimately 
may  provide  officials  with  the  flexibility  they  need  to  protect  all  DoD 
systems.  However,  progress  has  been  slow  and  the  problem  the  commis¬ 
sioners  highlighted  will  remain  until  the  new  policy  is  implemented, 
potentially  posing  a  threat  to  national  security.  Therefore,  in  the  2013 
Annual  Report  the  commission  recommends  Congress  urge  the  adminis¬ 
tration  to  expedite  progress  in  its  implementation  of  Section  806  of  the 
NDAA  for  Fiscal  Year  2011. 

Developments  in  cloud  computing  in  China  may  present  cyber-security 
risks  for  US  users  and  providers  of  cloud  computing  services  and  may 
also  have  implications  for  US  national  security.  Based  on  the  findings 
of  a  report  by  Defense  Group  Inc.  for  the  commission,  the  relation¬ 
ship  between  the  Ministry  of  State  Security  (MSS)  and  the  Chongqing 
Special  Cloud  Computing  Zone  represents  a  potential  espionage  threat 
to  foreign  companies  that  might  use  cloud  computing  services  provided 
from  the  zone  or  base  operations  there.54  In  addition,  the  plan  to  link 
21Yianet’s  data  centers  in  China  and  Microsoft’s  data  centers  in  other 
countries  suggests  the  Chinese  government  one  day  may  be  able  to 
access  data  centers  outside  China  through  Chinese  data  centers.52  With 
concerns  about  espionage  in  mind,  in  the  2013  Annual  Report,  the  com¬ 
mission  recommends  Congress  direct  the  administration  to  prepare  an 
inventory  of  existing  federal  use  of  cloud  computing  platforms  and  services 
and  determine  where  the  data  storage  and  computing  services  are  geo¬ 
graphically  located.  Such  inventory  should  be  prepared  annually  and 
reported  to  the  appropriate  committees  of  jurisdiction. 
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Cloud  computing  also  could  improve  the  PLA’s  C4ISR  capabilities. 
DGI  writes  that  cloud  computing  “could  enable  more  effective  and  flex¬ 
ible  development  and  deployment  of  military  equipment,  while  at  the 
same  time  improving  the  survivability  of  the  PLA’s  information  systems 
by  endowing  them  with  greater  redundancy  (allowing  a  system’s  capa¬ 
bilities  to  survive  the  disabling  or  destruction  of  any  individual  node).”56 

Threats  to  US  Industry 

China’s  cyber  espionage  against  US  commercial  firms  poses  a  signifi¬ 
cant  threat  to  US  business  interests  and  competiveness  in  key  indus¬ 
tries.  This  cyber  espionage  complements  traditional  human  espionage. 
Through  these  efforts,  the  PLA  and  China’s  defense  industries  are  able  to 
leapfrog  ahead  in  technologies  and  systems  and  fill  in  gaps  in  their  own 
research  and  development  capabilities  at  a  considerable  savings  in  time 
and  money.  Gen  Keith  Alexander,  commander  of  US  Cyber  Command, 
assessed  the  cost  to  US  companies  of  intellectual  property  theft  is  about 
$250  billion  a  year,  although  not  all  the  losses  are  due  to  Chinese  activ¬ 
ity.57  Chinese  entities  engaging  in  cyber  and  other  forms  of  economic 
espionage  likely  conclude  that  stealing  intellectual  property  and  propri¬ 
etary  information  is  much  more  cost-effective  than  investing  in  lengthy 
R&D  programs. ?8  These  thefts  support  national  science  and  technology 
development  plans  that  are  centrally  managed  and  directed  by  the  PRC 
government. 

The  Chinese  government,  primarily  through  the  PLA  and  the  Minis¬ 
try  of  State  Security,  supports  these  activities  by  providing  state-owned 
enterprises  information  and  data  extracted  through  cyber  espionage  to 
improve  their  competitive  edge,  cut  R&D  timetables,  and  reduce  costs. 
The  strong  correlation  between  compromised  US  companies  and  those 
industries  designated  by  Beijing  as  “strategic”  industries  further  indicates 
a  degree  of  state  sponsorship,  and  likely  even  support,  direction,  and  ex¬ 
ecution  of  Chinese  economic  espionage.59  Such  governmental  support 
for  Chinese  companies  enables  them  to  out-compete  US  companies, 
which  do  not  have  the  advantage  of  leveraging  government  intelligence 
data  for  commercial  gain.60 

It  is  difficult  to  quantify  the  benefits  Chinese  firms  gain  from  cyber 
espionage.  We  do  not  know  everything  about  the  kinds  of  information 
that  is  targeted  and  taken,  nor  do  we  always  know  which  Chinese  ac¬ 
tor  stole  the  information.  Some  thefts  may  take  place  that  are  never 
detected.  In  terms  of  business  intelligence,  some  targets  of  cyber  theft 
likely  include  information  related  to  negotiations,  investments,  and  cor¬ 
porate  strategies  including  executive  e-mails,  long-term  business  plans, 
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and  contracts.  In  addition  to  cyber  theft,  Chinese  companies  almost 
certainly  are  acquiring  information  through  traditional  espionage  activities, 
which  limits  our  ability  to  identify  the  impact  of  cyber  espionage  in  par¬ 
ticular.  Nevertheless,  it  is  clear  that  China  not  only  is  the  global  leader  in 
using  cyber  methods  to  steal  intellectual  property,  but  also  accounts  for 
the  majority  of  global  intellectual  property  theft.61  Chinese  actors  have 
on  several  occasions  in  recent  years  leveraged  cyber  activities  to  gain  sen¬ 
sitive  or  proprietary  information  from  US  enterprises: 

•  In  the  report  by  Mandiant  mentioned  earlier,  there  is  evidence  that 
since  2006  PLA  Unit  61398  has  penetrated  the  networks  of  at  least 
14 1  organizations,  including  companies,  international  organiza¬ 
tions,  and  foreign  governments.  These  organizations  are  either  located 
or  have  headquarters  in  1 5  countries  and  represent  20  major  sectors, 
from  information  technology  to  financial  services.  Of  those  organi¬ 
zations  penetrated,  81  percent  were  either  located  in  the  United 
States  or  had  US-based  headquarters.  According  to  Mandiant,  Unit 
61398,  gained  access  to  a  wide  variety  of  intellectual  property  and 
proprietary  information  through  these  intrusions.62  Unit  61398  is 
the  Second  Bureau  of  the  PLA’s  technical  reconnaissance  depart¬ 
ment,  based  in  Shanghai.63 

•  In  another  high-profile  example  of  a  Chinese  company  allegedly  tar¬ 
geting  a  US  company’s  intellectual  property  through  cyber  espionage, 
the  Department  of  Justice  (DoJ)  in  June  2013  filed  charges  against 
Sinovel  Wind  Group,  a  Chinese  energy  firm,  alleging  Sinovel  stole 
intellectual  property  from  Massachusetts-based  company  American 
Superconductor  (AMSC).64  Once  Sinovel  was  able  to  reproduce 
AMSC’s  technology  after  stealing  its  proprietary  source  code,  the 
Chinese  firm  broke  the  partnership,  cancelled  existing  orders,  and 
devastated  AMSC’s  revenue.  AMSC  has  sought  compensation  from 
Sinovel  through  lawsuits  in  China,  an  effort  which  is  ongoing  and 
has  resulted  in  legal  fees  for  AMSC  exceeding  $6  million.65  While 
these  lawsuits  continue  to  move  slowly  through  the  Chinese  legal 
system,  adding  to  AMSC’s  legal  fees,  Sinovel  is  reaping  the  profits 
of  stolen  technology.66 
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Deterring  Chinese  Cyber  Theft 

It  is  clear  that  attempting  to  name  the  perpetrators  in  China  in  an 
attempt  to  shame  the  Chinese  government  is  not  sufficient  to  deter  Chi¬ 
nese  entities  from  conducting  cyber  espionage  against  US  companies. 
Mitigating  the  problem  will  require  a  well-coordinated  approach  across 
the  US  government  and  with  industry.  Many  potential  actions  are  being 
discussed  by  Congress,  the  Obama  administration,  and  outside  experts. 
These  actions  include  linking  economic  cyber  espionage  to  trade  restric¬ 
tions,  prohibiting  Chinese  firms  using  stolen  US  intellectual  property 
from  accessing  US  banks,  and  banning  US  travel  for  Chinese  organiza¬ 
tions  that  are  involved  with  cyber  espionage.  The  US-China  Economic 
and  Security  Review  Commission  recommends  Congress  take  the  fol¬ 
lowing  actions: 

•  Adopt  legislation  clarifying  the  actions  companies  are  permitted  to 
take  regarding  tracking  intellectual  property  stolen  through  cyber 
intrusions. 

•  Amend  the  Economic  Espionage  Act  (18  U.S.C.  §  1831-1839)  to 
permit  a  private  right  of  action  when  trade  secrets  are  stolen. 

•  Support  the  administration’s  efforts  to  achieve  a  high  standard  of 
protection  of  intellectual  property  rights  in  the  Trans-Pacific  Part¬ 
nership  and  the  Transatlantic  Trade  and  Investment  Partnership. 

•  Encourage  the  administration  to  partner  with  other  countries  to 
establish  an  international  list  of  individuals,  groups,  and  organiza¬ 
tions  engaged  in  commercial  cyber  espionage.  The  administration 
and  partner  governments  should  develop  a  process  for  the  list’s  vali¬ 
dation,  adjudication,  and  shared  access. 

•  Urge  the  administration  to  continue  to  enhance  its  sharing  of  in¬ 
formation  about  cyber  threats  with  the  private  sector,  particularly 
small-  and  medium-sized  companies. 

My  personal  view  is  that  the  president  already  has  the  authority  to 
place  sanctions  on  Chinese  persons,  government  industries,  and  com¬ 
panies  through  the  International  Emergency  Economic  Powers  Act.67  If 
the  magnitude  of  the  damage  to  the  US  economy  is  as  great  as  that  cited 
by  General  Alexander,  the  president  should  exercise  that  authority. 
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Sustaining  the  US  Military’s  “Rebalance”  to  Asia 

In  January  2012,  DoD’s  Defense  Strategic  Guidance  declared  the  US 
military  will  “of  necessity  rebalance  toward  the  Asia  Pacific”  by  empha¬ 
sizing  existing  alliances,  expanding  its  networks  of  cooperation  with 
“emerging”  partners,  and  investing  in  military  capabilities  to  ensure  ac¬ 
cess  to  and  freedom  to  maneuver  within  the  region.68  US  Chief  of  Naval 
Operations  ADM  Jonathan  Greenert  explained  the  US  Navy’s  role  in 
the  rebalance:  “As  directed  by  the  2012  Defense  Strategic  Guidance  .  .  .  the 
[US]  Navy  formulated  and  implemented  a  plan  to  rebalance  our  forces, 
their  homeports,  our  capabilities,  and  our  intellectual  capital  and  part¬ 
nerships  toward  the  Asia  Pacific.”69  Specifically,  the  US  Navy  aims  to 
increase  its  presence  in  the  Asia  Pacific  from  about  50  ships  in  2013  to 
60  ships  by  2020  and  “rebalance  homeports  to  60  percent”  in  the  region 
by  2020. 70 

However,  the  commissions  annual  report  notes  that  US  Defense  Secre¬ 
tary  Chuck  Hagel  in  July  2013  said  Washington  would  have  to  choose 
between  a  smaller,  modern  military  and  a  larger,  older  one  if  sequester- 
level  funding  continues.71  Admiral  Greenert  has  warned  constraints  in 
the  current  budget  environment  could  delay  or  prevent  the  US  Navy 
from  achieving  its  objectives  in  the  rebalance.72  There  is  growing  con¬ 
cern  in  the  United  States  and  among  US  allies  and  partners  that  the 
DoD  will  be  unable  to  follow  through  on  its  commitment  to  the  rebal¬ 
ance  due  to  declining  defense  budgets  and  emerging  crises  elsewhere 
in  the  world.  This  could  lead  some  regional  countries  to  increasingly 
accommodate  China  or  pursue  military  capabilities  that  could  be  used 
offensively  or  preemptively.  Either  scenario  could  undermine  US  interests 
in  the  region. 

I  urge  you  to  keep  in  mind  that  by  2020,  China  could  have  a  navy 
and  air  force  in  Asia  that  outnumbers  and  almost  matches  the  technical 
capability  of  our  own  forces.  If  our  military  force  shrinks  because  of  our 
own  budget  problems,  we  may  have  60  percent  of  our  forces  in  the  Asia- 
Pacific  region,  but  60  percent  of  200  ships  is  far  less  than  60  percent  of 
a  300-ship  navy.  That  may  not  be  sufficient  to  deter  China  or  to  reassure 
our  friends  and  allies  in  the  region. 


Larry  M.  Wortzel,  PhD 

US-China  Economic  and 
Security  Review  Commission 
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Dr.  Wortzel  was  appointed  a  member  of  the  US-China  Economic  and  Security  Review 
Commission  in  2001  and  served  two  terms  as  its  chair.  He  is  a  retired  US  Army  colonel  who 
spent  much  of  his  32-year  military  career  in  the  Asia-Pacific  region.  Colonel  Wortzel  was  as¬ 
sistant  Army  attache  in  China  from  1988  to  1990  and  Army  attache  in  China  from  1995  to 
1997.  He  is  the  author  of  The  Dragon  Extends  its  Reach:  Chinese  Military  Power  Goes  Global 
(Potomac  Books,  2013).  A  graduate  of  the  Armed  Forces  Staff  College  and  the  US  Army  War 
College,  Wortzel  earned  his  MA  and  PhD  in  political  science  from  the  University  of  Hawaii. 
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Why  Cyber  War  Will  Not  and  Should 
Not  Have  Its  Grand  Strategist 


Martin  C.  Libicki 

Cyber  war  proponents  often  argue  the  domain  needs  its  own  Billy 
Mitchell  or  Giulio  Douhet — strategists  with  great  vision  who  will  de¬ 
clare  to  the  world  what  great  power  lies  therein.1  To  be  sure,  cyber  war 
has  no  shortage  of  advocates.  But  as  Colin  Gray  recently  observed, 
“When  historians  in  the  future  seek  to  identify  a  classic  book  or  two  on 
cyber  power  written  in  the  1990s  and  2000s,  they  will  be  hard  pressed 
to  locate  even  the  shortest  of  short-listable  items.  .  .  .  Certainly  they  are 
nowhere  near  deserving  (oxymoronic)  instant  classic  status.”2 

But  has  the  failure  of  cyber  war  to  generate  any  such  ideal  necessarily 
been  a  bad  thing?  There  is  a  case  to  be  made  that  it  is  too  early  to  expect 
such  a  classic.  If  the  Owl  of  Minerva  flies  at  dusk,  in  cyberspace  the  sun 
is  just  above  the  yardarm;  the  information  revolution  is  hardly  a  done 
deal.  But  such  a  case  is  too  easy.  What  if  the  fundamental  features  of 
cyber  war  were  to  remain  essentially  as  they  are  into  the  indefinite  future? 
Although  highly  unlikely,  this  is  not  so  absurd  a  proposition.  The  late 
Roger  Molander  of  RAND  would  frequently  remind  me  that  the  ques¬ 
tions  we  wrestled  with  in  the  mid  1990s  are  no  less  relevant  and  no  better 
understood  today  than  they  were  then. 

Even  assuming  that  the  cyber  domain  has  yet  to  stop  evolving,  it  is 
not  clear  that  a  classic  strategic  treatment  of  cyber  war  is  possible,  or, 
even  if  it  were,  it  would  be  particularly  beneficial.  In  explaining  why, 
this  article  makes  three  points.  First,  the  salutary  effects  of  such  classics 
are  limited.  Second,  the  basic  facts  of  cyberspace,  and  hence  cyber  war, 
do  not  suggest  that  it  would  be  nearly  as  revolutionary  as  airpower  has 
been,  or  anything  close.  Third,  more  speculatively,  if  there  were  a  classic 
on  cyber  war,  it  would  likely  be  pernicious. 


Martin  C.  Libicki,  PhD,  is  a  visiting  professor  at  the  US  Naval  Academy  and  a  senior  management 
scientist  at  RAND  focusing  on  the  impact  of  information  technology  on  domestic  and  national  security. 
Previously,  he  worked  for  the  National  Defense  University,  the  Navy  Staff,  and  the  GAO  s  Energy  and 
Minerals  Division.  He  holds  a  masters  degree  and  a  PhD  from  the  University  of  California— Berkeley. 
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The  Limited  Usefulness  of  Classics 

Clausewitz’s  On  War  was,  is,  and  will  continue  to  be  perhaps  the  classic 
book  on  warfare,  but  it  would  be  an  exaggeration  to  argue  that  it  was 
an  “instant  classic.”  It  was  published  posthumously.  Its  influence  spread 
slowly — within  a  generation  in  Germany  and  not  until  after  1945  in 
the  United  States.  Furthermore,  it  really  is  not  a  book  that  gained  its 
reputation  by  talking  about  land  warfare  as  such.  True,  all  of  its  chapters 
between  the  introduction  and  conclusion  are  about  land  warfare.  But 
what  made  it  a  classic  was  its  treatment  of  war  itself — that  is,  the  role 
and  purpose  of  military  force  within  the  relations  among  states  and 
the  relationship  between  the  goals  of  war  and  its  reality  in  battle  (“fog 
and  friction”). 

In  the  naval  domain  the  name  Mahan  is  clearly  front  and  center.  Mahan 
lauded  naval  power  as  essential  to  the  maintenance  of  a  seafaring  state, 
especially  one  that  wanted  to  maintain  a  global  empire — not  an  irrelevant 
consideration  circa  1890  when  he  published  The  Influence  of  Sea  Power 
upon  History,  1660—1783  (such  historic  dates  suggest  he  was  not  overly 
impressed  by  technology  fads).  His  book  argued  strenuously  for  large 
battle  fleets,  which  by  their  very  presence  and  concentration  (“fleet  in 
being”)  could  dissuade  other  states  from  trying  to  assert  sea  control  on 
their  own  behalf.  He  eschewed  the  Jeune  Ecole  preference  for  com¬ 
merce  raiding. 

Mahan’s  work  was  enormously  influential  inside  the  United  States  (an 
inspiration  for  Theodore  Roosevelt’s  Great  White  Fleet),  and  perhaps 
even  more  outside  it.  Kaiser  Wilhelm  was  particularly  enchanted  by  it, 
as  were,  to  only  a  slightly  lesser  extent,  Jackie  Fisher  and  the  British 
Royal  Navy.  Although  the  expensive  Anglo-German  naval  rivalry  cannot 
be  entirely  laid  at  Mahan’s  doorstep,  his  influence  was  not  trivial,  and 
the  rivalry  over  battleship  building  hardly  played  a  calming  role  in  that 
bilateral  relationship. 

As  for  naval  strategy,  Mahan’s  work  was  not  particularly  helpful  for 
those  who  believed  in  his  doctrine.  The  Kaiser’s  love  for  his  fleet  kept  it  in 
port  for  the  two  and  a  half  years  after  the  Battle  of  Jutland,  even  though 
Germany  might  have  had  a  chance — admittedly,  with  a  substantial 
amount  of  luck — to  break  the  blockade  on  it  and  the  Austro-Hungarian 
Empire.  This  blockade  ultimately  accelerated  the  Central  Powers  break¬ 
ing  under  the  stress  of  war  before  the  Allies  did.  Meanwhile,  the  naval 
action  that  nearly  broke  the  war  the  other  way  was  the  success  of  German 
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U-boat  attacks  on  Britain’s  supply  lines  to  North  America.  In  retrospect, 
the  more  decisive  use  for  naval  power  in  World  War  I  was  closer  (albeit 
with  submarines,  not  surface  ships)  to  the  commerce-raiding  that  Mahan 
disdained  25  years  earlier  in  favor  of  grand  fleet  actions.  He  had  argued 
these  fleet  actions  were  the  sine  qua  non  of  naval  power. 

All  this  suggests  that  the  global  enthusiasm  over  Mahan’s  writing — 
which  was  an  instant  classic — was  good  neither  for  world  peace  nor  a 
productive  naval  strategy.  Perhaps  these  are  tough  tests  for  any  analyst 
to  pass,  but  if  we  are  to  laud  the  writing  of  great  strategic  formulations 
these  are  not  unfair  evaluations. 

Consider  now  airpower.  Three  individuals  stand  out  in  the  develop¬ 
ment  of  post- World  War  I  strategic  thought:  the  writer  Giulio  Douhet 
and  generals  Billy  Mitchell  and  Hugh  Trenchard.  All  three  argued  that 
air  forces  would  become  an  increasingly  important  component  of  modern 
militaries  and  that  military  strategy  should,  correspondingly,  reflect  that 
fact.  In  that  insight,  they  were  correct. 

Douhet  went  further  to  emphasize  the  role  of  strategic  bombardment 
in  not  only  winning  future  wars,  but  also  shortening  them  (in  that  respect — 
if  World  War  II  was  any  indication — he  was  not  correct).  There  is  an 
important  distinction  to  be  made  between  the  tactical  or  operational 
use  of  airpower  (to  aid  ground  and  naval  forces)  and  its  strategic  use:  to 
break  the  enemy’s  will  to  resist  and  destroy  its  ability  to  arm  itself.  In 
theory,  air  forces  can  do  both  operational  and  strategic  missions;  in  prac¬ 
tice,  their  resources  are  limited,  and  funds  used  for  strategic  purposes 
compete  for  resources  used  operationally. 

This  leads  to  the  question:  Was  World  War  II’s  emphasis  on  the  stra¬ 
tegic  campaign  such  a  good  idea?  In  the  first  major  war  in  which  this 
proposition  could  be  truly  tested,  only  three  countries  were  capable  of 
mounting  a  serious  strategic  bombing  campaign — first  Germany,  then 
the  United  Kingdom  and  the  United  States.  Germany’s  efforts  did  not 
seem  to  have  accomplished  much;  it  did  not  force  the  UK  out  of  the  war 
nor  make  much  of  a  dent  in  its  war  production.  The  US  and  UK  bomb¬ 
ing  campaigns  certainly  had  effects,  but  these  effects  were  purchased 
at  great  cost — the  Eighth  Air  Force  alone  suffered  more  than  50,000 
deaths  (by  comparison,  the  entire  US  Pacific  campaign  cost  twice  as 
many  lives).  The  succeeding  decades  saw  considerable  controversy  over 
whether  such  bombing  campaigns  were  worthwhile,  with  detractors  saying 
they  increased  Germany’s  will  to  resist  and,  only  toward  the  very  end, 
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impaired  its  ability  to  produce  war  materiel.  A  recent  prominent  defense  of 
strategic  bombing  by  Richard  Overy  maintains  they  were  worthwhile,3 
not  for  what  harm  they  did  to  the  Germans,  but  for  how  much  Germany 
spent  (mostly  wasted)  to  counter  them.  Even  if  true,  that  is  a  far  cry 
from  Douhet’s  rationale  (“air  power  will  demoralize  foes”  to  “air  power 
will  cause  foes  to  overreact  in  self-defense”).  Admittedly,  a  B-29  loaded 
with  nuclear  weapons  can  have  a  considerably  greater  effect  than  a  B-29 
loaded  with  conventional  weapons — a  victory  for  airpower,  but  only  for 
15  years  until  missiles  were  invented  to  do  the  job  more  efficiently  and 
reliably.  Furthermore,  it  took  until  NATO’s  campaign  in  Kosovo  before 
there  was  a  first,  albeit  even  then  arguable,  validation  of  Douhet’s  thesis. 

If  the  strategic  implications  of  airpower  were  poorly  understood  by 
virtue  of  their  being  exaggerated,  the  operational  implications  of  air¬ 
power  a  la  Billy  Mitchell  (and  many  others  at  the  time,  if  not  so 
dramatically)  were  on  point.  Airpower  would  rise  in  importance  relative 
to  land  and  sea  weapons.  At  sea,  by  1942  the  carrier  was  universally 
recognized  as  the  replacement  for  the  battleship,  although  the  carrier 
was  under  firm  naval  control.  Only  a  half-century  after  World  War  I, 
success  in  gaining  air  control  (the  1967  Six-Day  War  and  Operations 
Desert  Storm  and  Iraqi  Freedom)  predisposed  and  foretold  success  in 
ground  combat  (at  least  over  uncluttered  terrain) . 

The  basis  for  Billy  Mitchell’s  optimism  was,  in  retrospect,  clear.  Every 
year,  aircraft  became  faster;  flew  higher,  farther  and  longer;  and  could 
carry  more  weight  (weapons  but  also  cargo).  Antiaircraft  weapons  were 
improving  but  not  so  quickly  (targeting  radar  and  analog  computing 
helped  but  only  somewhat).  Nor  were  ground  or  sea-based  weaponry 
getting  more  impervious  to  bomb  damage  all  that  quickly.  Technology 
was  inexorably  shifting  the  dominance  of  battle  to  the  skies.  That  being 
so,  every  other  decision  about  the  conduct  of  batde  would  have  to  factor 
the  shift-in-power  relationships  from  ground  and  surface  to  air  accordingly. 

As  noted,  nothing  boosted  airpower  as  much  as  the  development  of 
atomic  weapons,  which  seemed  to  have  validated  Douhet’s  thesis,  at  least 
ex  post  facto.  The  US  Air  Force  came  to  absorb  almost  half  of  the  na¬ 
tion’s  defense  budget  in  the  Eisenhower  administration.  Clearly,  a  single 
weapon  capable  of  knocking  out  cities  was  going  to  have  a  strategic  effect 
on  both  war  and  warfare.  So,  were  there  any  classics  in  this  new  atomic 
field,  and  what  good  did  they  do? 
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The  first  place  to  look  was  a  set  of  essays  by  Bernard  Brodie  for  the 
book,  The  Absolute  Weapon:  Atomic  Power  and  World  Order!'  wherein  can 
be  found  his  famous  quote:  “Thus  far  the  chief  purpose  of  our  military 
establishment  has  been  to  win  wars.  From  now  on  its  chief  purpose  must 
be  to  avert  them.  It  can  have  almost  no  other  useful  purpose.”  His  essays 
do  mention  deterrence,  but  the  thrust  of  his  writing  was  not  about  how 
to  use  atomic  forces  but  to  drive  home  the  point  that  a  country  under 
serious  atomic  attack  (that  is,  thousands  of  atomic  bombs)  would  be 
effectively  destroyed  regardless  of  how  well  defended  it  was.  Indeed,  his 
essay  spends  more  time  on  how  to  lay  out  cities  to  maximize  their  sur¬ 
vivability  in  an  atomic  war  than  it  does  contemplating  what  a  strategy 
of  deterrence  might  mean  for  the  construction  and  the  use  of  forces.  So, 
instant  classic  quote  but  no  instant  classic  work. 

More  works  followed  in  the  1950s  by  Albert  Wohlstetter  (on  the  im¬ 
portance  of  a  second-strike  capability),5  Tom  Schelling  (on  strategies  that 
“left  something  to  chance”),6  and  Herman  Kahn  (on  the  need  for  escala¬ 
tion  dominance).7  It  was  undoubtedly  brilliant  stuff,  but  was  it  necessarily 
a  wise  way  to  fight — or,  better  yet,  avoid — a  nuclear  war?  The  classic 
model  of  a  nuclear  confrontation  featured  ultra-cool  decision  makers 
rationally  facing  the  prospect  of  mega  deaths  and  maneuvering  deftly 
to  avoid  that  and  worse.  The  actual  conduct  of  a  nuclear  crisis  (Cuba 
1 962)  suggested  something  a  little  different:  world  leaders,  having  stared 
at  the  abyss,  realized  they  had  come  far  too  close  to  a  nuclear  holocaust 
and  never  ever  wanted  to  get  that  close  again.  Reactions  to  that  near 
catastrophe  included  the  hotline  and  the  1963  test  ban  treaty.  Rather 
than  each  side  making  noises  as  if  it  would  throw  the  steering  wheel  out 
the  window  (as  Schelling’s  strategy  suggested),  each  instituted  measures 
to  ensure  and  assure  others  that  it  had  a  much  better  grip.  Similarly, 
strategic  thinking,  deprived  of  direct  evidence  of  Soviet  thought,  tended 
to  assume  that  the  Soviet  Union  would  approach  a  confrontation  much 
as  Americans  would — that  is,  by  carefully  delineating  (if  not  necessarily 
observing)  a  firebreak  between  conventional  and  nuclear  operations.  The 
opening  of  the  Soviet  archives  in  1989  indicated  that  such  delineations 
were  not  particularly  important  to  them.  Fortunately,  no  one  ever  had 
to  go  to  war  based  on  these  strategic  theories. 

Incidentally,  none  of  this  infers  that  such  thinkers  did  not  educate  the 
mind  by  raising  key  questions.  Even  when  wrong,  one  cannot  help  but 
profit  by  working  through  arguments  and,  in  some  cases,  asking  whether 
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their  logic  applies  to  cyberspace.  Unfortunately,  when  such  thinkers  are 
cited  as  authorities — which  they  inevitably  are — their  arguments  are 
converted  into  answers,  at  least  in  the  minds  of  their  adherents. 

The  next  two  domains  of  conflict — space  and  spectrum — have  no 
comparably  memorable  strategic  doctrines  or  assessments  associated 
with  them  at  all.  This,  alone,  should  raise  the  question  of  why  cyber¬ 
space  should.  Once  touted  as  the  really  high  ground,  outer  space  turns 
out  to  be  merely  a  nifty  place  to  stick  information  collection/processing 
devices — surveillance  satellites,  communications  relays,  and  timing/ 
navigation  systems  (e.g.,  GPS) — and  it  is  not  clear  that  space  will  always 
remain  competitive  vis-a-vis  networked  unmanned  air-breathing  systems 
for  the  first  two  roles.  Space  is  not  a  particularly  good  place  from  which 
to  fight  wars.  It  costs  a  great  deal  to  get  something  into  orbit,  and  the 
price  per  pound  has  not  appreciably  fallen  since  the  1970s.  Space-based 
weapons  are  not  only  expensive  but,  in  their  current  incarnation,  take 
longer  to  reach  their  targets  than  do  simple  missiles8 — deorbiting  some¬ 
thing  actually  takes  some  time.  Space  systems  are  also  quite  fragile  in  the 
sense  that  they  can  be  destroyed  by  a  very  small  object  hitting  head-on 
at  a  relative  speed  of  36,000  miles  an  hour,  assuming  they  are  both  in 
low-earth  orbit.  In  a  contest  between  a  ground-based  missile  and  a  satel¬ 
lite,  the  odds  (these  days)  are  on  the  missile.  So,  much  to  the  anguish 
of  the  space  community,  here  is  a  domain  without  a  strategic  concept, 
and,  at  this  point,  not  inappropriately.  It  is  easy,  incidentally,  to  get  lost 
in  arcane  debates  over  which  orbit  in  space  is  truly  the  high  ground  that 
dominates  all  the  other  orbits  in  space  (true  aficionados  wax  rhapsodic 
about  controlling  the  LI  point,  which  is  roughly  four  times  as  far  from 
the  earth  as  the  moon  and  sits  directly  between  the  sun  and  the  earth). 

Finally,  a  word  is  needed  in  defense  of  the  radio-frequency  (RF)  spec¬ 
trum  as  a  domain  of  warfare,  mostly  because  this  domain  not  only  lacks 
a  strategic  theory  but  lacks  a  strong  proponent  for  theory-building.  Yet, 
it  is  a  physical  domain  in  which  dominance,  in  the  sense  that  those  who 
can  get  their  signal  through  and  keep  others  from  getting  their  signal 
through,  thereby  gives  its  possessor  a  signal  advantage  in  warfare.  No 
serious  military  power  ignores  electronic  warfare,  largely  because  radio 
communications  allow  militaries  to  coordinate  their  operations  and  radar 
allows  detection  and  tracking  of  all  manner  of  enemy  assets.  But  the 
wizards  in  the  business  know  the  purpose  of  manipulating  the  use  of 
a  spectrum  is  to  enable  physical  warfare;  by  itself,  electronic  warfare  is 
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next  to  worthless.  Similarly,  no  one  seriously  thinks  that  one  country 
can  wreak  persuasive  or  dissuasive  damage  on  another  by  unleashing  its 
electronic  warriors  on  it,  although  the  latter  may  be  the  source  of  some 
interesting  forms  of  annoyance,  particularly  if  they  can  interfere  with  all 
GPS  applications  and  mobile  devices. 

The  Significance  of  Warfare  in  Cyberspace 

It  should  be  fairly  clear  by  now  that  this  article  will  not  close  with  a  ringing 
call  for  a  strategic  cyberspace  doctrine.  As  oft  noted,  such  doctrines — even, 
or  especially,  if  they  meet  with  universal  approbation — are  as  likely  to  be 
wrong  as  they  are  right. 

To  start  with,  cyber  warfare  and  cyber  war  need  to  be  distinguished 
from  one  another.  Cyber  warfare,  like  warfare  itself,  is  about  the  conduct 
of  war,  carried  out  inevitably  to  further  the  performance  of  combat  in 
the  physical  domain  (it  can  also  be  considered  operational  or  instrumental 
cyber  war).  Cyber  war  is  undertaken  to  affect  the  will  of  the  adversary 
directly  (it  can  also  be  considered  tantamount  to  strategic  cyber  war). 
A  similar  distinction  can  be  made  between  electronic  warfare  and  elec¬ 
tronic  war — the  difference  being  that  no  one  talks  about  electronic  war 
as  something  interesting. 

First  we  can  ask  whether  cyber  warfare  can  so  alter  warfare  that  warfare — 
how  it  is  conducted  and  what  one  can  do  with  it — needs  to  be  seriously 
rethought.  Although  the  ultimate  answer  to  that  question  is  empirical 
and  yet  to  be  determined,  it  is  easy  to  establish  that  such  a  question  can¬ 
not  be  answered  without  an  important  intermediate  step.  Cyber  warfare 
attacks  systems  and  digital  networks.  Prior  to  the  1960s,  militaries  had 
no  digital  networks  to  attack.  A  cyber  attack  carried  out  against  a  mili¬ 
tary  today  can,  at  worst,  return  it  to  its  prenetworked  condition  (as  long 
as  it  has  something  to  revert  to).  To  argue  that  cyber  warfare  can  have  a 
revolutionary  effect  on  the  battlefield  requires  establishing  that  digital 
networking  is  itself  revolutionary.  This  is  a  step  many  proponents  of 
cyber  warfare  neglect  to  take. 

So  how  much  does  digital  networking  improve  the  workings  of  a  mili¬ 
tary?  First,  one  does  not  need  digital  communications  to  have  RF  com¬ 
munications;  the  latter  can  be  carried  out  with  analog  equipment  as  it 
was  prior  to  the  1970s,  and,  to  some  extent,  still  is.  Second,  as  helpful 
as  network-centric  warfare  may  have  been  for  the  United  States,  every 
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other  military  in  the  world  is  less  digitized  and  therefore  less  susceptible 
to  cyber  war  than  the  US  military  (notwithstanding  the  possibility  that 
the  digital  equipment  they  have  is  more  vulnerable  than  the  equivalent 
in  the  hands  of  US  forces). 

Thus,  the  revolutionary  impact  of  cyber  warfare  can  be  no  greater 
than  the  revolutionary  impact  of  digital  networking,  which  is  not,  itself, 
a  fully  tested  proposition.  The  question  of  how  much  less  entails  asking 
how  effective  cyber  warfare  can  be  at  nullifying  the  advantages  of  digi¬ 
tal  networking.  The  most  it  can  be  is  100  percent,  but  there  are  many 
simple  measures  militaries  can  take  to  reduce  it  well  below  100  percent. 
One  is  electronic  isolation.  If  a  network  is  disconnected  from  the  rest  of 
the  world,  it  is  very  difficult  for  outsiders  to  penetrate  it.  In  practice,  as 
Buckshot  Yankee  and  Stuxnet  proved,  it  is  not  enough  that  a  network 
lacks  an  Internet  address  (or  a  phone  number).  There  also  has  to  be  no 
way  for  errant  bytes  to  get  into  these  machines  via  RF  links  that  de¬ 
pend  on  the  strength  of  the  attacker’s  transmitter.  These  are  challenging 
problems  but  hardly  insurmountable.  For  the  most  part,  systems  can  be 
immunized  against  much  of  cyber  warfare  if  their  instructions  are  dif¬ 
ficult  to  alter  without  hands-on  contact.  This  could  be  because  the  logic 
is  hardwired  into  the  unit,  or  because  the  logic  can  only  be  replaced  by 
new  hardware  modules,  or  the  update  has  to  be  digitally  signed  by  a 
known  trustworthy  source  (using  reliable  cryptographic  protocols  imple¬ 
mented  correctly).  This  prevents  malware  or  malicious  software  with 
rogue  instructions  from  being  placed  on  the  machines,  which  then  limits 
a  machine’s  actions  to  those  prespecified  in  its  programming.  Stuxnet, 
(and  its  relatives  such  as  Flame)  as  well  as  much  of  cybercrime,  and  the 
advanced  persistent  threat  all  depend  on  the  possibility  of  malware  (ar¬ 
bitrarily  altered  instruction  sets)  to  work.9 

All  this  suggests  that  the  effect  of  cyber  warfare,  if  properly  recog¬ 
nized,  will  be  far  less  revolutionary  than  the  putatively  revolutionary 
effect  of  digitized  networking. 

In  fairness,  consider  two  objections  to  this  argument.  One  is  that 
militaries  cannot  revert  to  their  predigitized  network  state.  This  may  be 
empirically  true,  but  if  true,  it  says  either  that  (1)  such  militaries  have 
abjured  that  option  because  they  correctly  recognize  that  the  impact  of 
cyber  warfare  is  something  they  can  manage,  or  (2)  the  revolutionary 
impact  of  cyber  warfare  is  incorrectly  underappreciated  by  militaries  who 
consequently  digitize  without  giving  sufficient  thought  to  what  would 
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happen  if  cyber  warfare  were  revolutionary.  If  the  former  is  true,  the  issue 
is  settled.  If  the  latter  is  true,  then  the  only  way  cyber  warfare  could  be 
revolutionary  is  if  those  victimized  by  it  fail  to  see  it  was  going  to  be 
revolutionary.  This  is  the  sort  of  error  that  is  unlikely  to  be  made  more 
than  once,  if  it  is  even  made  at  all.  Consider,  by  way  of  example,  Stuxnet. 
If  Iranians  had  understood  what  Stuxnet  could  have  done  to  them,  they 
would  have  likely  taken  pains  to  ensure  that  no  USB  device  was  acces¬ 
sible.  Because  it  came  as  a  surprise,  Stuxnet  worked.  But  can  one  assign 
revolutionary  strategic  impact  to  a  form  of  warfare  that  requires  it  be 
systematically  underestimated  before  it  can  work? 

The  second  objection  is  that  while  cyber  warfare  is  not  much  to  look 
at  now,  it  is  only  to  get  more  important  as  militaries  continue  to  digitize. 
This  line  echoes  the  argument  that  aircraft  were  going  to  get  better  every 
year;  thus,  what  was  false  today  may  be  true  tomorrow.  Can  the  same  be 
said  about  cyber  warfare? 

At  this  point  in  the  article,  one  distinction  between  cyber  warfare  and 
warfare  in  all  other  media  must  be  made:  cyber  warfare  (as  well  as  cyber 
war)  requires  that  the  targets  have  made  mistakes  in  their  implementa¬ 
tion  and  use  of  digital  equipment.  In  theory,  digital  machines  should 
only  obey  their  given  instructions  in  service  of  their  owners/operators. 
In  practice,  there  are  variations  between  what  a  system  actually  does  and 
what  it  is  supposed  to  do  that  permits  cyber  warfare  to  work.  But  neither 
the  form  nor  even  the  existence  of  these  variations  is  inevitable.  They  are 
artifacts  of  systems  programming.  Such  artifacts  can  be  reduced,  perhaps 
even  effectively  eradicated.  As  noted  above,  even  if  systems  still  have  errors, 
users — especially  military  users — have  a  great  number  of  steps  they  can 
take  to  reduce  vulnerability  to  cyber  warfare.  Indeed,  many  such  steps 
are  being  taken — and,  doubtlessly,  more  would  be  taken  if  the  threat 
from  cyber  attacks  and  the  like  were  greater  (or  at  least  perceived  to  be 
greater)  than  is  currently  the  case.  This  is  no  proof  that  there  will  be  a  de¬ 
clining  threat  from  cyber  warfare  to  advanced  militaries  (militaries  that 
have  failed  to  advance  have  little  or  nothing  to  attack  in  cyberspace);  it 
may  well  grow.  The  fact  that  the  threat  from  cyber  warfare  has  to  be 
enabled  by  the  target’s  decisions  weighs  against  the  proposition  that  cyber 
warfare  can  be  revolutionary. 

Indeed,  there  is  every  indication  that  electronic  warfare  will  continue 
to  generate  more  consequential  effects  on  the  battlefield  than  cyber  war¬ 
fare  because  electronic  warfare  is  not  an  artifact  of  the  other  side’s  poor 


Strategic  Studies  Quarterly  ♦  Spring  20 1 4 


[31] 


Martin  C.  Libicki 


decisions.  It  is  an  unavoidable  aspect  of  long-distance  RF  communica¬ 
tions.  And,  as  noted,  there  is  no  classic  strategic  treatment  of  electronic 
warfare;  nor  is  there  indication  that  such  effort  is  missed. 

That  leaves  the  question  of  whether  strategic  cyber  war  can  be  signifi¬ 
cant  enough  to  merit  some  twenty-first-century  version  of  the  Douhet 
proposition:  a  form  of  war  that  can  induce  countries  to  stop  fighting  (or 
better,  avoid  starting  fights)  without  having  been  defeated  or  threatened  on 
an  actual  battlefield.  Arguments  similar  to  those  above  can  be  generated 
to  suggest  that  such  a  thesis  is  not  terribly  convincing  today.  Most  cyber 
attacks,  once  discovered,  are  resolved  and  the  effects  (apart  from  leaked 
information)  reversed  within  a  period  ranging  from  hours  to  days.  In  the 
long  run,  even  in  the  highly  unlikely  event  that  hackers  will  always  be 
able  to  control  the  systems  they  attack,  the  worst  that  can  happen  would 
be  to  convince  people  to  abandon  networking  and  thus  set  economies 
back  to  where  they  were  in  1995  (when  the  Internet  started  to  spread 
beyond  universities  and  defense-related  sites).10  For  advanced  countries, 
1995  is  not  that  much  further  behind  than  they  are  in  2013.  Thus  an 
economy  subject  to  continuous,  vicious,  and  expectedly  successful  attacks 
would  not  retrogress  as  much  as  a  society  subject  to  World  War  II-level 
bombing.  And  cyber  attacks  have  yet  to  kill  anyone.  Granted,  if  societies 
have  evolved  in  ways  that  are  difficult  to  reverse,  the  effects  of  cyber  war 
on  such  societies  may  be  worse  than  if  they  had  never  adopted  digitized 
networks  in  the  first  place.  But  such  effects,  almost  by  definition,  can  be 
used  only  once — and  only  if  a  society’s  leadership  systematically  under¬ 
estimates  its  vulnerability  to  cyber  war.  Of  course,  if  cyber  war  turns  out 
to  be  weak,  then  perhaps  they  have  not  underestimated  it  at  all. 

Over  time,  the  distance  between  1995  and  the  then-current  year  will 
increase,  which  will,  in  theory,  lend  cyber  war  more  leverage  than  it 
has  today.  Perhaps  then,  it  will  be  possible  to  write  how  cyber  war  has 
changed  everything  we  know  about  warfare.  Or  maybe  not.  True,  just  as 
aircraft  grew  monotonically  more  capable  from  their  invention  forward, 
so  societies  are  growing  increasingly  digitized,  with  little  prospect  that 
they  will  move  backward  (unless,  cyber  attacks  prove  to  be  far  more 
powerful  and  unavoidable  than  they  are  today) .  But  the  correlation  ends 
there.  Aircraft  improvement  was  a  contest  against  a  fixed  target  (the  laws 
of  aeronautics,  physics,  and  chemistry);  cyber  war  is  a  contest  against  a 
moving  target  wherein  offense  contends  with  defense.  It  is  not  obvious 
that  offense  will  get  continually  better,  particularly  when  defense  (in  the 
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form  of  the  target’s  system  and  software)  defines  what  the  offense  can 
do.  Granted,  hackers  are  getting  better,  thanks  in  part  to  markets  and 
market-like  mechanisms  for  sharing  information  about  software  vulner¬ 
abilities.  Furthermore,  new  uses  for  digitization  (e.g.,  networked  cars) 
are  constantly  creating  new  vulnerabilities  or  new  ways  for  vulnerabilities 
to  do  serious  damage.  But  defense  is  not  catatonic.  If  the  problem  with 
cyber  attacks  gets  bad  enough,  there  are  more  radical  steps  that  can  be 
taken.  One  example  is  Apple’s  iOS  operating  system,  which  has  success¬ 
fully  resisted  malware  because  it  is  a  fairly  closed  system  (although  some 
countries  have  been  rumored  to  have  prepared  and  stashed  away  attacks 
on  it).  Another  is  the  consensus  reached  by  security  professionals  that 
Java  (software)  should  be  disabled  on  all  browsers  because  it  is  becoming 
very  difficult  for  its  developer  to  stay  ahead  of  all  the  vulnerabilities  hack¬ 
ers  keep  discovering  in  it.  On  purely  technical  grounds,  every  successive 
version  of  Microsoft’s  products  is  more  malware-resistant  than  its  prior 
versions.  These  days  operating  systems  are  subverted  by  insecure  applica¬ 
tions  rather  than  being  attacked  directly.  So,  the  technology  dynamic  that 
Billy  Mitchell  employed — even  if  aircraft  cannot  do  it  today,  tomorrow’s 
eventually  will — does  not  necessarily  translate  into  cyberspace,  even  if 
cyber  security  may  get  worse  before  it  gets  better. 

Then  there  is  the  possibility  that  the  strategic  effects  of  cyber  war  may 
arise  from  the  interaction  of  state  actors  that  systematically  overestimate 
its  effects  (as  quasi-apocalyptic  statements  from  both  US  and  Chinese 
military  officials  suggest  is  quite  possible).  This  could  lead  to  unfortu¬ 
nate  dynamics,  but  in  the  longer  run,  the  problem  with  such  analyses 
is  similar  to  those  analyses  that  posit  leaders  to  underestimate  the  effects 
of  cyber  war  and  are  therefore  unprepared  in  ways  that  make  it  more 
dangerous.  Either  way,  this  is  an  attitude  capable  of  being  corrected  by 
events,  and,  by  its  very  nature,  of  temporary  import  (unless  one  can 
successfully  argue  that  the  perception  of  what  cyber  attacks  have  done  is 
systematically  in  error,  but  that  is  a  hard  case  to  make). 

Cyberspace,  as  it  turns  out,  is  ill-suited  for  grand  strategic  theories  for 
other  reasons.  As  mentioned  earlier,  cyberspace  is  changing  very  quickly 
in  many  important  respects.  Circa  1999,  for  instance,  US  cyber  war 
capability,  such  as  it  was,  housed  itself  within  the  US  Space  Command 
(disestablished  in  2002).  In  an  era  in  which  mischief  in  cyberspace  was 
most  likely  perpetrated  by  individual  hackers  who  were  adroit  at  getting 
into  systems,  maneuvering  deftly  while  discovering  how  they  worked, 
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doing  their  job,  and  leaving  quietly,  its  working  ethos  would  have  made 
it  a  natural  fit  for  something  like  the  US  Special  Operations  Command. 
Fortunately,  that  never  happened,  because  within  a  dozen  years,  it  was 
clear  that  hacking  was  less  about  individual  rough-and-ready  hackers 
and  more  like  a  team-based  enterprise  building  malware  tools  that  took 
commands  from  afar  and  otherwise  went  about  their  business  based  on 
their  programmed-in  wits.  Today,  the  original  fit  between  cyber  war  and 
the  space  business  looks  better — although  the  fit  between  US  Cyber 
Command  and  the  National  Security  Agency  is  quite  good  itself. 

Another  difficulty  in  proposing  a  grand  theory  of  cyber  warfare  is  that 
deception  lies  at  the  essence  of  cyber  war.  Systems,  although  meant  to 
be  under  the  control  of  their  owners/operators,  are  tricked  into  obeying 
the  commands  of  others.  Once  the  precise  nature  of  the  trick  is  realized, 
it  is  relatively  straightforward  to  figure  out  how  to  foil  that  particular 
attack — requiring  hackers  to  come  up  with  new  tricks,  which  they  often 
but  cannot  always  do.  Deception,  by  nature,  introduces  its  own  self- 
defeating  dynamic,  because  its  existence  depends  on  two  sides  having 
different  notions  of  what  something  can  do.  Success,  in  certain  key  re¬ 
spects,  is  often  inherently  unpredictable.  Those  who  wrote  strategic  theory 
for,  say,  airpower  had  the  advantage  of  understanding  the  interaction 
between  the  machine  and  its  aeronautical  environment  and  between 
weapons  and  their  targets.  They  could  use  that  solid  base  to  speculate  on 
the  relationship  between  the  effects  caused  by  aircraft  and  the  goals  for 
which  countries  went  to  war.  Those  who  would  write  strategic  theory  for 
cyberspace  have  no  such  foundation.  Everything  appears  contingent,  in 
large  part,  because  it  is. 

The  Possibly  Pernicious  Effects  ofWriting 
a  Cyber  War  Classic 

To  be  fair,  it  is  not  easy  to  counter  what  some  yet-to-be-written  cyber 
war  classic  would  say.  Setting  forth  here  the  brilliant  insights  of  such  a 
classic  would  create  the  tome  this  article  says  cannot  exist.  Yet,  if  cyber 
war’s  forthcoming  classic  looks  like  classics  in  past  domains,  they  are 
likely  to  say  (1)  cyber  war  is  totally  important,  (2)  those  who  wield 
its  power  should  fight  to  win  wars  on  their  own  rather  than  helping 
warriors  in  other  domains,  and  (3)  war  fighters  in  those  other  domains 
should  take  their  strategic  cues  from  what  takes  place  in  cyberspace. 
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To  say  that  war  in  the  virtual  world  can  match  the  horrors  of  war 
undergone  or  contemplated  might  seem  a  stretch,  but  anyone  who  ven¬ 
tured  such  an  opinion  would  not  stand  alone.  Joining  them  would  be 
the  US  Defense  Science  Board  (which  imagined  a  cyber  attack  so  severe 
as  to  merit  a  nuclear  response),11  some  Chinese  generals  (one  of  whom 
casually  opined  that  a  cyber  attack  could  be  as  damaging  as  a  nuclear 
attack),12  and  even  Russian  president  Vladimir  Putin  (who  said  that  a 
cyber  war  could  be  worse  than  conventional  warfare — this  from  the 
head  of  a  country  that  lost  25  million  in  World  War  II).13  There  is  noth¬ 
ing  quite  like  a  good  nuclear  analogy  to  rally  those  in  favor  of  an  inde¬ 
pendent  cyber-war  force.  Yet,  the  mere  argument  that  cyber  war  is  going 
to  be  very  important  hardly  says  what  to  do  with  cyber-war  capabilities, 
apart  from  keeping  them  well  fed. 

Emphasizing  the  strategic  aspects  of  cyber  war  over  its  tactical  (alter¬ 
natively,  operational  or  instrumental)  aspects  is  not  necessarily  wrong. 
Because  the  operational  uses  of  cyber  war  are  neither  ethically  nor  par¬ 
ticularly  strategically  problematic14 — in  that  it  only  substitutes  nonlethal 
for  lethal  means — there  is  little  reason  not  to  use  it  against  military  targets. 
But  military  targets  are  generally  harder  targets  than  civilian  ones.  What 
may  produce  limited  gains  on  the  battlefield  may  produce  huge  payoffs 
off  the  battlefield,  thereby  tempting  the  elevation  of  the  strategic  over 
the  operational.15  But  such  elevation  has  consequences.  It  affects  the  al¬ 
location  of  resources  and  manpower.  If  talented  cyber  warriors  convince 
themselves  that  strategic  warfare  offers  a  better  shot  at  top  command 
slots,  they  will  migrate  accordingly.  Perhaps  if  cyber  war  is  that  impor¬ 
tant,  there  will  be  enough  resources  and  manpower  to  go  around — 
although  the  current  difficulties  in  finding  enough  cyber-security  pro¬ 
fessionals  suggest  that  their  supply  is  not  infinite  and  only  time  will  tell 
how  elastic.  However,  there  are  certain  resources  where  serious  choices 
must  be  made:  that  is  knowledge  of  vulnerabilities  in  software  that  al¬ 
lows  cyber  warriors  into  many  of  their  targets.  To  the  extent  military  and 
civilian  systems  rely  on  the  same  software  and  hardware — as  they  in¬ 
creasingly  do,  although  there  are  still  major  differences — then  a  vulner¬ 
ability  exploited  for  disruptive/destructive  purposes  (rather  than  espio¬ 
nage)  is  likely  to  be  a  vulnerability  that  can  be  used  only  during  a  small 
time  window.  Its  availability  for  strategic  purposes  limits  its  availability 
for  military  purposes.  Hence,  choices,  notably  between  operational  and 
strategic  cyber  war,  must  be  made.  Because  systems  have  to  be  penetrated 
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well  before  they  are  attacked,  such  choices  may  have  to  be  made  well  be¬ 
fore  the  character  of  the  upcoming  conflict  is  clear.16 

Consider,  too,  that  both  forms  of  cyber  war — the  strategic  and  the 
operational — compete  with  cyber  espionage  when  it  comes  to  allocating 
vulnerabilities  to  exploit.17  Those  who  want  to  reserve  the  exploit  for 
cyber  espionage  can  make  two  strong  points.  First,  since  penetration, 
in  and  of  itself,  tends  to  be  deliberately  stealthy,  the  vulnerability  can 
remain  hidden  longer  than  it  can  once  a  disruptive/destructive  attack 
takes  place.18  Second,  the  yield  from  cyber  espionage  can  be  immediate, 
while  the  yield  from  getting  into  a  system  that  might  be  taken  down  is 
contingent  on  a  war  starting. 

Strategic  cyber  war  is  far  more  problematic  than  its  operational  cousin. 
It  raises  laws-of-armed-conflict  issues  that  operational  cyber  warfare 
does  not.  Similarly,  it  is  more  likely  to  result  in  escalation  and  in  ways 
that  make  conflict  resolution  more  difficult.  By  contrast,  operational 
cyber  warfare  ends  when  kinetic  warfare  ends,  because  there  is  no  longer 
any  advantage  in  making  targets  more  susceptible  to  kinetic  attack  when 
kinetic  attack  terminates. 

If  the  galvanizing  theory  emphasizes  doctrines  such  as  preemption, 
further  difficulties  await.  Although  exactly  how  to  preempt  a  cyber  attack 
remains  a  mystery,  there  is  very  little  that  can  be  destroyed,  and  only  a 
narrow  class  of  attacks  can  be  disrupted  by  actions  taken  outside  one’s 
network.  If  the  doctrine  is  attractive  enough,  people  will  think  they  have 
found  a  way  to  do  so.  Unfortunately,  the  many  ambiguities  of  who  is 
doing  what  to  whom  in  cyberspace  suggest  that  understanding  who  is 
preparing  to  do  what  to  whom  is  even  harder  to  discern.  Grave  mistakes 
are  possible — particularly  if  the  decision  to  preempt  attacks  is  delegated 
from  the  president,  as  many  have  suggested  it  might  be.19 

Finally,  what  might  be  those  cues  that  warriors  in  today’s  domains 
should  take  from  cyberspace  according  to  some  yet-to-be-written  doc¬ 
trine?  Cyber  war  is  sneaky  stuff.  It  relies  on  deceiving  computers,  which, 
in  turn,  requires  deceiving  humans  who  manage  these  computers.  It 
usually  works  a  great  deal  better  when  it  comes  without  warning.  Insofar 
as  its  success  depends  on  the  discovery  of  impermanent  elements  in  the 
target  system,  laid-in  attacks  have  to  be  used  quickly  if  they  are  to  be 
used  at  all.  Furthermore,  because  many  of  its  effects  are  temporary,  they 
must  be  exploited  in  a  very  short  time  (as  quickly  as  within  hours  and 
days).  In  that  sense,  powerful  cyber  attacks  can  pull  follow-up  strategic  or 
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operational  actions  behind  them,  whether  or  not  the  latter  are,  respec¬ 
tively,  appropriate  or  ready.  Cyber  war  is  also  an  elite  activity  in  which 
numbers  of  hackers  count  for  little  but  the  skills  of  the  best  of  the  best 
count  for  a  great  deal. 

Cyber  operations  are  covered  in  heavy  layers  of  secrecy.  In  some  ways, 
secrecy  is  deserved:  vulnerabilities  described  quickly  become  vulnerabili¬ 
ties  eradicated.  But  in  other  cases,  it  is  questionable:  no  country  admitted 
to  having  cyber- war  forces  until  2012.  And  in  other  ways,  particularly 
when  disclosing  information  about  vulnerabilities  that  the  other  side 
found  in  the  systems  of  commercial  organizations,  it  can  get  in  the  way. 
All  this  makes  it  difficult  to  have  a  serious  public  debate  about  the  role 
of  cyber  war  in  national  security.  To  be  fair,  the  common  difficulty  of 
understanding  cyberspace  also  interferes  with  useful  public  debate.  Hence 
the  question:  Would  it  be  beneficial  for  the  mores  of  physical  war  fighting 
to  reflect  the  inherent  mores  of  war  fighting  in  cyberspace?  Perhaps  not. 

Conclusions 

So,  rather  than  bemoan  the  fact  that  there  are  no  instant  strategic  clas¬ 
sics  on  cyber  war,  or  even  well-percolated  ones,  perhaps  we  should  count 
ourselves  lucky.  Many  of  the  strategic  classics  from  earlier  domains  seem 
to  have  been  misleading,  even  harmful.  War  fighters  that  deal  with  the 
more  recent  media,  such  as  outer  space  or  the  radio-frequency  spectrum, 
seem  to  be  doing  just  fine  without  them.  And  cyber  war  appears  to  have 
even  less  basis  for  a  strategic  treatment  than  space  warfare  or  electronic 
warfare.  Its  efficacy — much  less  significance — has  been  postulated  well 
before  it  has  been  proven.  By  its  very  nature,  cyber  war  has  to  continually 
morph  to  retain  its  relevance.  Furthermore,  there  are  good  reasons  to 
believe  that  its  contribution  to  warfare,  while  real,  is  likely  to  be  modest, 
while  its  contribution  to  strategic  war  is  a  great  deal  easier  to  imagine 
than  to  substantiate.  K8WL 


Notes 

1.  To  those  who  think  the  argument  in  favor  of  finding  a  Billy  Mitchell  for  cyberspace 
is  a  straw  man,  note  the  following  requests  from  Frank  Cilluffo,  former  special  assistant  to 
the  president  for  homeland  security:  “We  must  find  the  cyber  equivalents  of  Billy  Mitchell, 
George  Patton,  Curtis  LeMay  and  Bill  Donovan — leaders  who  understand  both  the  tactical 
and  strategic  uses  of  new  technologies  and  weapons,”  http://www.gwumc.edu/hspi/policy 
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/Cilluffo_Knop.pdf);  Stewart  Baker,  former  general  counsel  of  NSA:  “As  Brig  Gen  Billy 
Mitchell  predicted,  airpower  allowed  a  devastating  and  unprecedented  strike  on  our  ships 
in  Pearl  Harbor.  We  responded  with  an  outpouring  of  new  technologies,  new  weapons  and 
new  strategies.  Today  the  threat  of  new  cyber  weapons  is  just  as  real,  but  we  have  responded 
with  an  outpouring — not  of  technology  or  strategy  but  of  law  review  articles,  legal  opin¬ 
ions  and  legal  restrictions,”  http://www.steptoe.com/publications-8l46.html;  Robert  Cringe- 
ley,  an  influential  columnist  in  the  IT  trade  press:  “My  fear  is  that  when  it  comes  to  cyber  war¬ 
fare  there  is  no  Billy  Mitchell  today  in  Washington,”  http://www.cringely.com/2009/06/01 
/remember-billy-mitchell/;  George  Stein  writing  in  Air  Power  Journal  in  1995:  “In  some  ways, 
‘info-warriors’  are  like  Gen  William  (‘Billy’)  Mitchell  and  the  pioneer  league  of  airmen.  They 
see  the  potential.  Mitchell’s  vision  of  the  potential  for  airpower  drove,  at  great  cost  to  himself 
but  great  benefit  to  the  nation,  the  development  of  a  new  form  of  warfare”;  and  Robert  Lee 
writing  in  Air  and  Space  Power  Journal  in  2013:  “theorists  and  military  officers,  including  Gen 
Giulio  Douhet,  Marshal  of  the  Royal  Air  Force  Hugh  Trenchard,  and  Brig  Gen  William  ‘Billy 
Mitchell,  helped  guide  the  direction  of  airpower.  As  cyberspace  reaches  its  full  potential  as  a  do¬ 
main  of  warfare  equal  to  the  traditional  domains,  we — like  those  leaders — must  vector  it  properly.” 
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Not  a  Mere  Crime  Problem 

James  P.  Far  well 
Darby  Arakelian 

The  television  show  Miami  Vice  regaled  viewers  with  stories  of  under¬ 
cover  agents  as  they  battled  to  keep  Colombians  and  their  Miami  cohorts 
from  smuggling  cocaine  and  other  illegal  drugs  into  this  country.  In 
real  life,  US  authorities  did  even  better.  They  proved  so  effective  that 
the  Colombia  cartels  decided  to  shift  operations  west  and  outsourced 
drug  trafficking  to  Mexican  gangs.  Instead  of  cash,  they  paid  the  traf¬ 
fickers  in-kind,  offering  30-50  percent  of  the  drugs  to  sell  on  their  own, 
and  the  gangs  graduated  from  transport  to  distribution.  Drug  traffick¬ 
ing  through  Mexico  had  long  been  a  problem,  but  this  change  triggered 
a  great  rise.1 

While  Western  media  focus  heavily  on  the  civilian  deaths  in  Syria, 
they  often  overlook  our  own  backyard,  where  Mexican  drug  violence  has 
claimed  110,000  lives.2  Former  president  Felipe  Calderon  pronounced 
that  “the  most  lethal  war  is  the  one  being  fought  by  criminal  gangs 
among  themselves.”3  That  statement  reflects  only  one  element  in  the 
story,  because  cartel  violence  greatly  affects  the  United  States.4  As  cartels 
battle  for  turf  among  one  another,  the  threat  transcends  borders  and 
raises  hemispheric  security  issues  that  embrace  the  United  States,  Canada, 
Mexico,  and  their  neighbors  in  Central  and  South  America.  Mexican 
security  forces  have  made  cross-border  incursions  into  this  country, 
hundreds  of  US  Customers  and  Border  Patrol  (CBP)  agents  have  been 
attacked,5  and  even  US  Soldiers  have  been  suborned  into  acting  as  hitmen 
south  of  the  border.6  The  cartels  are  also  increasingly  active  in  US  cities. 


Dr.  James  R  Farwell  is  a  national  security  expert  who  has  advised  the  US  Special  Operations  Command. 
He  holds  a  JD  in  law  from  Tulane  University  and  a  DCLS  in  comparative  law  from  the  University  of 
Cambridge.  He  is  the  author  of  Persuasion  and  Power:  The  Art  of  Strategic  Communication  (Georgetown 
University  Press,  2012). 

Darby  Arakelian  is  a  national  security  expert  and  former  CIA  officer.  She  holds  a  BA  in  political 
science,  Russian,  and  economics  from  the  University  of  Denver  and  an  MA  is  in  security  policy  studies 
from  the  George  Washington  University.  Ms.  Arakelian  specializes  in  terrorism  and  counterterrorism 
communications  strategy  and  analysis,  cyber  warfare,  and  automated  media  monitoring  and  analysis. 


[40] 


Strategic  Studies  Quarterly  ♦  Spring  20 1 4 


War  on  Our  Doorstep 


Although  Calderon’s  team  boasts  that  it  captured  25  of  its  37  most 
wanted  criminals,7  no  one  suggests  the  flow  of  drugs  has  been  stopped. 
In  this  high-stakes  struggle,  while  Mexico  may  not  be  a  failed  state,  the 
war  is  eroding  its  credibility  and  ability  to  govern.  It  is  also  affecting 
security  in  the  region.  In  Guatemala,  cartels  reportedly  control  40-60 
percent  of  the  entire  country.8  The  Mexican  Sinoloa  cartel  has  formed 
links  with  Mara  Salvatrucha  (MS- 13),  a  gang  started  in  Los  Angeles  by 
Salvadoran  immigrants.9  Mexican  cartels  are  also  linked  to  murders  in 
Argentina  and  Peru.10 

While  the  United  States  wants  to  stop  trafficking  and  eliminate  king¬ 
pins,  Mexicans  want  to  stop  kidnapping  and  violence.  This  has  left  both 
Mexico  and  the  United  States  without  a  cohesive  strategy  for  combating 
the  cartels — a  totally  unacceptable  situation.  Most  observers,  including 
the  Mexican  government,  believe  this  to  be  a  law  enforcement  problem. 
We  challenge  whether  that  approach  is  most  effective  and  argue  that 
conventional  definitions  for  characterizing  this  struggle  do  not  apply  to 
this  emerging,  unprecedented  conflict.  The  required  debate  over  how 
to  protect  vital  US  security  interests  has  barely  commenced.  What  legal 
authorities  govern  US  action?  What  roles  should  our  military  or  law 
enforcement  play?  Do  we  rely  upon  conventional  definitions  of  high- 
intensity  crime,  terrorism,  or  insurgency  to  dictate  solutions?  What  are 
the  tradeoffs  for  using  the  military  or  law  enforcement  to  battle  the 
cartels?  The  threat  to  US  national  security  interests  calls  for  a  different  ap¬ 
proach.  A  combination  of  law  enforcement,  social  reform,  covert  intelli¬ 
gence,  military  special  operations,  and,  as  appropriate,  selective  military 
action  by  Mexico  with  indirect  mission  assistance  from  the  US  military 
offers  a  plausible  path  to  success. 

Characterizing  the  Conflict  to  Determine  Strategy 

How  the  war  is  characterized  matters  as  to  what  body  of  law  governs 
it — the  law  regulating  law  enforcement  or  the  law  of  armed  conflict?11 
The  answer  affects  tactics  and  the  nature  of  forces  employed.  For  example, 
while  police  can  use  deadly  force  against  suspects  who  pose  a  threat  of 
serious  physical  harm,  the  principle  of  military  necessity  authorizes  a 
military  to  take  all  necessary  measures  not  prohibited  by  international 
law  to  defeat  an  enemy.12  The  US  and  Mexican  militaries  have  a  role  in 
low-intensity  conflict,  fighting  an  insurgency,  or  combating  terrorism, 
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especially  if  those  terrorist  groups  support  al-Qaeda.13  Scholars  like  Paul 
Rexton  Kan  argue  that  while  drug  cartels  share  certain  organizational 
and  operational  characteristics  of  terrorist  organizations,14  the  Mexican 
drug  war  is  not  an  insurgency  because  cartels  lack  a  political  agenda. 
Kan’s  key  argument  rests  upon  the  widely — and  mistakenly — held 
view  that  terrorists  seek  political  goals  while  criminals  are  motivated  by 
greed.15  Writing  in  Small  Wars  Journal,  Brad  Freden  acknowledges  that 
elements  of  counterinsurgency  (COIN)  operations  are  useful  in  fighting 
the  cartels  but  argues  that  “the  violence,  drug  trafficking,  and  lawless¬ 
ness  that  we  see  in  northern  Mexico  does  not  constitute  an  insurgency. 
Drug  cartels  have  no  ideology  beyond  profit,  no  aspirations  other  than 
to  be  left  alone,  and  no  popular  support  beyond  that  which  can  be  pur¬ 
chased  with  money  or  intimidation”  (emphasis  in  original).16  University 
of  Maryland  scholar  Shibley  Telhami  also  views  terrorists  as  linked  to 
political  goals  and  defines  them  as  those  who  deliberately  target  civilians 
for  such  ends.17 

Those  who  oppose  characterizing  the  Mexican  drug  wars  as  an  in¬ 
surgency  argue  that  cartels  have  not  “captured”  the  state  to  implement 
a  social  or  political  agenda  and  are  not  seeking  to  overthrow  the  govern¬ 
ment  and  replace  it  with  their  own,  but  focus  on  shoving  the  state  aside 
in  their  pursuit  of  profits.  This  thinking,  ably  argued  by  Kan,  is  that 
“no  insurgent  or  terrorist  group  .  .  .  has  been  dismantled  by  rolling  up 
its  financial  networks,”  a  statement  that  would  come  as  news  to  the  US 
Treasury  and  other  agencies  engaged  in  counterterrorism  financing.18 
The  pivot  of  the  argument  is  that  cartels  do  not  seek  to  “substitute  their 
ideology  for  the  existing  one  or  to  achieve  any  other  political  goal  that  is 
routinely  associated  with  armed  groups  who  instigate  social  upheaval.”19 

So,  should  fighting  the  drug  cartels  be  limited  to  law  enforcement  and 
political  measures  that  effect  a  social  reform  agenda  or  is  this  a  form  of 
counterinsurgency  for  which  properly  trained  military  geared  to  special 
missions  should  play  a  key  role?  Most  voices  strongly  oppose  using  the 
military  to  combat  drug  trafficking.  At  its  core,  their  argument  rests 
most  importantly  on  three  confluent  propositions. 

•  The  Mexican  drug  war  is  not  an  insurgency,  terrorism,  or  low- 
intensity  conflict  (LIC),  but  at  most,  a  “mosaic  cartel  war”  that 
requires  social  reform  and  law  enforcement.20 
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•  The  military  is  not  well  suited  for  waging  this  war.  Rice  University 
scholar  Tony  Payan  asserts  that  Mexico’s  military  strategy  has  produced 
as  many  as  100,000  deaths  and  “let  loose  on  the  civilian  population 
the  military  and,  increasingly,  a  militarized  federal  police.”21 

•  Institutional  reforms  to  clean  up  Mexico’s  criminal  justice  system 
could  provide  meaningful  social  reform  plus  a  better,  cohesive  col¬ 
laboration  with  the  United  States. 

Mexico’s  drug  war  presents  a  different  kind  of  warfare,  with  different 
players  and  political  dynamics,  for  which  success  requires  achieving 
parallel  political  and  security  goals.  Characterizing  the  war  turns  on 
whether  the  drug  cartels — sometimes  called  drug  trafficking  organiza¬ 
tions  (DTO)  or  transnational  criminal  organizations  (TCO) — have  a 
political  ideology  and  seek  political  power.  Both  factors  apply  to  the 
cartels.  They  espouse  an  ideology  rooted  in  surprisingly  specific  stories, 
narratives,  themes,  and  messages  that  go  well  beyond  what  other  groups 
who  are  widely  accepted  as  political,  such  as  al-Qaeda,  Italy’s  Red  Bri¬ 
gades,  Sendero  Luminoso  (Shining  Path)  in  Peru,  Colombia’s  FARC 
(Revolutionary  Armed  Forces  of  Colombia)  and  National  Liberation 
Army  (Ejercito  de  Liberacion  Nacional,  ELN),  or  Paraguay’s  Ejercito  del 
Pueblo  Paraguayo  (EPP)  espouse.  Those  groups  embrace  the  rhetoric  of 
ideology  but  offer  little  content  to  define  one.  They  all  seek  political  power, 
either  to  overthrow  the  existing  regime  or,  as  in  Mexico,  to  paralyze 
and  remove  the  government  as  a  threat  to  their  operations.  And  they 
are  all  criminal. 

Even  then,  the  argument  that  the  cartels  do  not  present  an  insur¬ 
gency  because  greed  or  profit,  not  a  “political”  agenda,  motivates  them 
is  flawed.  There  is  no  accepted  definition  for  what  constitutes  a  political 
agenda.  Yale  political  scientist  Harold  Lasswell  probably  came  as  close 
as  anyone  to  how  politicians  view  politics:  “Politics  is  who  gets  what, 
when,  and  how.”22  Whether  parties  seek  money  legally  or  illegally  may 
affect  their  status  as  criminals  or  law-abiding  citizens,  but  they  may  easily 
qualify  as  criminals  and  political  actors.  Most  politicians  would  scoff 
at  the  idea  that  parties  whose  agenda  in  the  political  process  is  to  seek 
money  are  not  political.  Crime  and  politics  are  not  mutually  exclusive. 
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Cartel  Ideology 

The  notion  of  what  constitutes  an  ideology  lends  itself  to  different 
expressions.  In  politics,  almost  any  approach  constitutes  a  belief  system, 
although  not  all  belief  systems  are  ideologies.23  Broadly,  ideology  consists 
of  a  collection  of  ideas  that  define  goals,  expectations,  and  actions  and 
express  a  cohesive  basis  for  thought  and  behavior.  Ideologies  exert  influence 
over  the  beliefs  and  values  that  people  share,  how  they  see  themselves, 
and  how  they  perceive  the  world  and  their  place  in  it.  Ideology  guides 
action  and  influences  how  people  relate  to  one  another.  It  defines  hopes, 
dreams,  and  aspirations. 

A  striking  quality  about  organizations  labeled  “terrorist”  is  their 
substantive  lack  of  ideology.  Harvard  scholar  Louise  Richardson  has 
pointed  out  that  terrorist  movements  do  not  describe  meaningfully  the 
new  world  they  intend  to  create.24  All  terrorist  movements,  she  observes, 
“have  two  kinds  of  goals:  short-term  organizational  objectives  and  long¬ 
term  political  objectives  requiring  significant  political  change.”25  She 
points  out  that  their  political  causes  have  been  about  changing  the  status 
quo,  not  offering  an  alternative  vision  for  the  future. 

Colombian  FARC  leader  Paul  Reyes  admitted  he  could  not  define 
a  ruling  program.  Tamil  Tigers  leader  Yelupillai  Prabhakran’s  descrip¬ 
tion  of  the  future  was  pabulum  about  a  socialist  state.  Chechen  Shamil 
Basayev  said  he  stood  for  “power  to  the  people,”  whatever  that  meant. 
Shining  Path’s  Abimael  Guzman  brushed  off  questions  about  his  vision 
for  the  future,  admitting  that  “we  have  not  studied  this  question  suf¬ 
ficiently.”26  Colombia’s  FARC  and  ELN  and  Peru’s  Shining  Path  all 
morphed  into  criminal  entities  that  finance  themselves  from  drug  traf¬ 
ficking,  but  all  claim  to  fight  for  a  political  ideology.  Except  for  regime 
change,  it  is  hard  to  discern  much  content  to  their  views.  They  do  not 
discuss  the  exact  form  of  government,  health  care,  education,  jobs,  or 
items  that  define  what  real  political  parties  or  actors  offer.27  Al-Qaeda  is 
no  different.  Richardson  observes  that  in  defining  his  vision,  Osama  bin 
Laden  was  “extremely  vague.”28  French  scholar  Olivier  Roy  eviscerated 
bin  Laden  for  his  empty  rhetoric.29 

By  contrast,  the  Mexican  drug  cartels  are  remarkably  concrete  in  spin¬ 
ning  a  story,  narrative,  theme,  and  message  that  hold  particular  meaning 
for  their  targeted  audiences.  Greed  may  drive  cartels,  but  what  has  made 
them  effective  is  their  ability  to  recruit  and  mobilize  younger,  alienated 
Mexicans  through  messaging  what  the  cartels  offer  that  the  state  does 
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not:  social  mobility,  hope,  opportunity,  and  prosperity.  The  Mexican 
drug  cartels  net  a  6,000-percent  profit  from  trafficker  to  user;  counting 
from  the  purchase  price  paid  to  growers,  the  business  yields  an  eye-popping 
150,000-percent  profit.30  In  such  a  lucrative  market,  cartels  easily  find 
a  rich  source  of  recruits  among  impoverished  Mexicans,  particularly 
in  Juarez  assembly  plants  established  in  the  wake  of  NAFTA  that  pay 
$200-300  a  month.  The  cartels  reportedly  can  pay  teenagers  $5,000  for 
a  single  act  of  violence.31 

Cartels  articulate  a  story  defining  themselves  as  rooted  in  the  romantic 
nineteenth-century  image  of  a  bandito  preying  upon  the  rich  and  a 
national  history  in  which  wealthy  Mexicans  and  foreign  investors  have 
controlled  much  of  the  economy,  leaving  most  Mexicans  impoverished.32 
Cartel  ballads  and  music  videos  stem  directly  from  the  Mexican  folk 
tradition  of  romanticizing  revolutionary  heroes  and  legend,  except  that 
today’s  songs  glorify  drug  lords.33 

The  songs  (narco-corridos) ,  videos,  social  media,  signs,  and  banners 
(: narcomantas )  present  a  populist  patina  that  celebrates  the  humble  origins 
of  cartel  leaders  and  their  exploits.  Ricardo  Ainslie  points  out  that  this 
strategic  communication  has  shifted  the  terrain  “for  a  political  left  long 
accustomed  to  an  adversary  defined  as  the  nation’s  elites  and  long  accus¬ 
tomed  to  viewing  itself  as  a  movement  that  defended  the  downtrodden.” 

The  narratives  help  define  a  specific  culture  that  appeals  to  teenagers 
and  younger  people  who  the  cartels  vigorously  recruit.  It  is  manifest 
in  the  attire:  garish  cowboy  hats,  ostrich-skin  boots,  flashy  sneakers, 
brightly  colored  baseball  hats,  tight  dresses,  gaudy  jewelry,  lavish  homes, 
fast  cars,  alcohol,  and  a  glamorous  life  that  offers  the  best  food,  beautiful 
women,  and  action.  The  cartels  provide  a  way  of  life  that  offers  a  macho 
identity  and  pride  for  which  recruits  have  no  other  means  of  access.35 

Writing  in  Milenio,  Tijuana  writer  Heriberto  Yepez  accurately  observed 
that  the  cartels  have  evolved  from  being  an  economy  to  an  ideology  that 
saturates  society.  The  term  narco  becomes  conflated  in  “drug  trafficker” 
{el  narco)  and  “drug  life”  ( lo  narco).  Yepez  argues  that  narco  used  to  be 
an  adjective  that  described  one  aspect  of  Mexican  culture.  Now  it  is 
culture:  “narco  and  culture  are  synonyms.”36  The  cartels  offer  meaning 
and  concrete  opportunities  that  directly  influence  norms,  values,  beliefs, 
attitudes,  opinion,  and  behavior. 

The  messaging  is  directed  as  well  to  the  military.  Los  Zetas  recruits 
by  exploiting  the  fact  that  the  minimum  wage  in  Mexico  is  five  dollars 
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a  day,  unfolding  banners — narcomantas — asking,  “Why  be  poor?  Come 
work  for  us.”37  One  Zetas  banner  hanging  over  a  major  thoroughfare 
declared:  “Operative  Group  ‘the  Zetas’  wants  you  soldier  or  ex-soldier. 
We  offer  a  good  salary,  food  and  benefits  for  your  family.  Don’t  suffer 
any  more  mistreatment  and  don’t  go  hungry.”  Members  of  at  least  one 
cartel,  La  Familia  Michoacana,  now  succeeded  by  the  Knights  Templar 
(Caballeros  Templarios),  view  themselves  as  resistance  fighters  against 
crime.  They  developed  expertise  in  soft  power  to  gain  popular  credibility.38 
They  espouse  an  odd  form  of  Christianity  and  run  drug  rehab  clinics.  The 
cartel  offers  jobs  and  organizes  popular  protests  against  the  govern¬ 
ment.39  Of  course  there  is  a  darker  side.  The  cartels  employ  directed 
violence  to  secure  loyalty,  extract  revenge,  send  messages,  claim  turf, 
and  fill  power  vacuums.40  In  short,  the  cartels  do  espouse  a  political 
philosophy  that  meets  the  hopes  and  aspirations,  as  well  as  playing  on 
the  fears,  of  their  targeted  audiences. 

Seizing  Political  Power 

The  cartels  also  aggressively  seek  political  power.  They  have  succeeded  so 
well  that  Calderon  acknowledged,  “This  criminal  behavior  [by  cartels]  .  .  . 
has  become  a  challenge  to  the  state,  an  attempt  to  replace  the  state.”41 
They  have  created  an  atmosphere  of  fear  and  intimidation  that  impairs 
the  government’s  ability  to  operate  in  any  normal  fashion  in  providing 
security  or  ensuring  the  welfare  of  the  people.  Tactics  of  intimidation 
have  choked  off  press  freedom.42  They  have  “superseded  or  seriously 
weakened”  the  government  in  a  growing  number  of  Mexican  states,  even 
in  places  becoming  a  “parallel  government.”43  Reportedly,  the  cartels 
spend  a  billion  dollars  annually  to  bribe  police.44  They  have  assassinated 
political  candidates  and  high-ranking  military  and  law  enforcement 
officials.  They  engage  in  campaigns  to  subvert  the  Mexican  government 
at  all  levels.45  Their  extortion  has  obstructed  commerce.46 

Los  Zetas  stands  out  for  why  normal  law  enforcement  will  not  de¬ 
feat  cartels,  and  drawing  lessons,  other  cartels  have  stepped  up  their 
own  capabilities.  Recruiting  from  Mexico’s  special  operations  forces  and 
arming  itself  with  AK-47s,  IEDs,  RPGs,  and  50-caliber  machine  guns, 
Los  Zetas  has  trained  in  small-squad  infantry  tactics,  uses  social  media 
adroitly,  operates  with  sophisticated  intelligence  capabilities,  and  could 
easily  become  an  overt  insurgency.  It  will  be  difficult  for  a  regular  police 
force  to  tackle  this  type  of  militia.47  While  we  disagree  with  how  Paul 
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Kan  characterizes  the  drug  war,  we  agree  with  a  lot  of  his  ideas  on  how 
to  address  it.  His  point  that  any  strategy  must  take  on  the  Zetas  first 
is  prescient.  Among  all  the  cartels,  this  one  offers  the  greatest  threat  of 
evolving  overtly  into  an  antigovernment  insurgency  movement.48  But 
one  should  never  underestimate  the  lethality  of  the  others. 

Although  concerned  about  the  effect  of  labeling  the  Mexican  drug 
war  an  insurgency,  Christopher  Ljungquist  summed  up  the  point  that 
the  cartels  are  political  by  stating  that  “the  Mexican  state  is  fighting  power¬ 
ful  and  atypical  insurgencies,  armed  with  virtually  unlimited  access  to 
firearms,  including  anti-aircraft  batteries,  and  funded  by  an  expert  trade 
in  illegal  narcotics  worth  billions  of  dollars.”49  Former  secretary  of  state 
Hillary  Clinton  is  among  those  who  concur  that  Mexico  faces  an  in¬ 
surgency,  having  declared  that  the  cartels  “are  showing  more  and  more 
indices  of  insurgencies.”50 

While  not  writing  about  Mexico  per  se,  Bard  O’Neil  and  David  Kilcullen 
seem  to  agree  that  a  confrontation  qualifies  as  insurgency  only  where  it 
is  politically  motivated  and  constitutes  a  political  uprising.51  The  Mexican 
drug  war  meets  that  definition.  It  is  a  war  tailored  for  a  new  form  of 
counterinsurgency  defined  as  “an  armed  struggle  for  support  of  the  pop¬ 
ulation”  that  requires  a  holistic  approach  and  unity  of  effort  to  achieve 
security,  drug  eradication,  social  reform,  judicial  reform,  crackdowns  on 
corruption,  multinational  partnerships  with  neighbors  who  the  drug  war 
affects  directly  and  indirectly,  and  special-mission  military  efforts  against 
heavily  armed  and  trained  cartels.  It  is  an  iterative,  unique  approach.52 

Not  all  criminal  activity  qualifies  as  insurgency.53  But  the  Mexican 
drug  war  is  a  low-intensity  conflict,  and  the  cartels  do  qualify  as  insur¬ 
gents,  hostile  combatants,  and  terrorists.  The  fact  is  the  lines  between 
crime,  terrorism,  and  insurgency  are  becoming  increasingly  blurred. 
Indeed  the  US  Drug  Enforcement  Administration  (DEA)  reports  that 
designated  foreign  terrorist  organizations  (FTO)  involved  in  the  global 
drug  trade  have  jumped  from  14  groups  in  2003  to  18  in  2008. 54  There¬ 
fore,  it  is  imperative  the  United  States,  whose  vital  security  interests  are 
linked  with  Mexico  as  well  as  the  rest  of  the  hemisphere  in  managing 
and  prevailing  in  this  conflict,  recognize  what  is  happening  in  Mexico 
and  deal  with  it  realistically. 
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A  Different  Approach 

We  start  with  two  realities.  First,  Mexico’s  priorities  are  to  stop  violence 
and  kidnapping,  while  the  United  States  is  focused  on  eliminating  king¬ 
pins  and  stopping  the  flow  of  drugs.55  Until  the  early  1990s,  the  drug 
business  in  Mexico  was  relatively  peaceful.  US  citizens  suffered,  but  the 
situation  worked  well  for  Mexicans.56  Second,  neither  side  has  a  strategy 
for  managing  or  prevailing  in  this  war — a  problem  complicated  by  extreme 
Mexican  sensitivity  that  the  United  States  will  intrude  upon  its  sover¬ 
eignty.  Success  requires  resolving  these  challenges.  While  there  are  no 
quick  fixes,  these  actions  merit  consideration: 

•  Approach  the  situation  as  a  low-intensity  conflict  against  insurgents 
who  are  both  criminals  and  terrorists — and  treat  them  as  terrorists. 
Make  no  settlement  with  the  cartels.  They  are  in  the  business  in 
which  they  want  to  be.  The  cartels  are  an  evil,  and  evil  cannot  be 
defeated.  It  must  be  eradicated. 

•  Seize  and  restrict  access  to  cartel  finances.  This  is  pivotal  since  their 
wealth  gives  them  exceptional  power  that  must  be  broken.  One  chal¬ 
lenge  the  United  States  confronts  is  the  refusal  of  the  Treasury  Depart¬ 
ment  to  deal  with  the  reality  of  the  drug  war — or  counterterrorism — as 
requiring  a  combination  of  law  enforcement  and  special  operations. 
The  Washington  Post  reports  a  proposal  by  the  White  House  to  target 
cartel  assets  was  declined  by  Treasury.  That  mistake  must  be  rectified?7 
Mexico  could  deplete  cartel  bank  accounts  and  seize  assets.  The  United 
States  could  provide  intelligence  and  technical  support  to  help  locate 
such  assets  then  defer  to  Mexico  for  action.  If  the  United  States  seized 
such  assets,  it  should  share  them  with  Mexico  as  an  incentive  to 
encourage  Mexican  cooperation.  A  key  element  of  this  approach 
lies  in  disrupting  the  relationships  cartels  have  with  international 
terror  networks. 

•  Work  with  the  Mexican  government  to  develop  a  special-mission 
military  force  that  will  avoid  human  rights  violations  and  work  well 
with  civilian  authority  but  that  has  the  expertise  and  military  capa¬ 
bility  to  take  on  and  defeat  heavily  armed  adversaries  like  Los  Zetas. 
President  Nieto  is  backing  away  from  his  suggestion  of  creating  a 
national  gendarmerie.  Whatever  the  force  is  called,  Mexico  needs 
an  effective,  well-trained  special-mission  force.  Critics  worry  the 
cartels  will  try  to  subvert  and  corrupt  such  a  force.  Be  assured  they 
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will  make  that  effort.  But  Mexico  and  the  United  States  must  work 
cooperatively  to  ensure  an  effective  force  is  recruited,  trained,  and 
retained.  Though  not  an  easy  task,  it  should  not  deter  us. 

•  The  United  States  must  persuade  Nieto  of  the  value  of  US  assis¬ 
tance,  particularly  intelligence,  surveillance,  and  reconnaissance. 
The  Washington  Post  reported  last  April  that  former  president  Calderon 
had  granted  US  spy  planes  access  to  Mexican  airspace  to  gather 
intelligence.  US  drones  supported  CBP  patrols,  and  cyber  technology 
was  employed  to  combat  trafficking.  The  Post  reported  the  United 
States  was  also  helping  target  and  vet  potential  intelligence  assets.58 
In  Iraq,  Gen  Stanley  McChrystal  forged  a  task  force  that  accounted 
for  between  11,000  and  13,000  members  of  al-Qaeda.  Their  British 
counterparts  accounted  for  another  3, 500. 59  That  was  achieved 
through  a  fusion  team  that  identified  key  terrorist  leaders  and  middle- 
echelon  loyalists  and  eliminated  them.  US-Mexican  fusion  centers 
were  established,  the  Post  reported,  in  Mexico  City  and  Monterrey, 
as  well  as  in  regional  headquarters.  Apparently  more  limited  than 
McChrystal’s  task  force,  this  was  still  a  step  in  the  right  direction.60 
Nieto  may  eschew  such  help,  but  we  must  persuade  him  to  reverse 
course  and  make  clear  that  vital  US  interests  are  at  stake — and  we 
will  act  accordingly. 

•  Except  for  its  marines,  who  have  proven  relatively  effective,  Mexico’s 
military  should  be  employed  with  restraint.  Those  who  argue  that 
most  military  personnel  are  not  trained  for  law  enforcement  have  a 
valid  point.  Mexico’s  experience  in  using  its  military  has  produced 
mixed  results,  while  alienating  many  Mexicans.  The  US  Marines 
should  continue  and  step  up  efforts  to  work  with  Mexico’s  marines 
through  indirect  mission  assistance  in  training  and  equipping. 

•  Mexican  leadership  must  persuade  its  population,  especially  its  elites 
(who  arguably  have  too  often  helped,  not  fought,  the  cartels),61 
middle  class,  unions,  and  civil  society  organizations  to  support 
the  fight  against  the  cartels — stop  kidnapping,  extortion,  robbery, 
human  trafficking,  arms  smuggling,  and  drug  trafficking.  Calderon 
failed  to  lay  a  solid  political  foundation  for  waging  the  war.  Success 
requires  persuading  Mexicans  their  own  lives  depend  on  defeating 
the  cartels.62  The  challenge  is  difficult,  but  Nieto  must  avoid  repeating 
Calderon’s  mistakes. 
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•  Work  with  Mexico  to  develop  a  joint  strategy  and  support  it  with 
the  necessary  resources.  Violence  does  not  affect  the  entire  country. 
One-third  of  Mexican  states  have  violence  levels  similar  to  the 
United  States.  A  strategy  should  focuses  on  the  most  violent  areas; 
the  capital,  Mexico  City,  and  the  financial  center,  Monterrey;  and 
tourist  areas  which  contribute  heavily  to  the  nation’s  economy, 
such  as  Acapulco,  Leon,  San  Miguel,  Cuernavaca,  Guadalajara, 
and  Toluca. 

•  Revamp  the  Merida  Initiative.63  Too  much  money  went  to  US 
contractors  and  too  little  to  Mexicans  who  could  make  a  differ¬ 
ence.  Mexico  lacks  the  resources  needed  to  properly  implement  the 
institutional  and  social  reforms  needed  to  win  this  war.  This  is  a 
long-term  challenge,  but  success  requires  achieving  social  justice  in 
Mexico.  We  can  do  more  to  help  and  we  must. 

•  Forge  border  management  solutions  with  realistic  division  of 
responsibility  between  the  United  States  and  Mexico. 

•  Abrogate  the  Brownsville  Agreement,  which  former  attorney  general 
Janet  Reno  entered  into  in  1998.  This  agreement  lacked  foresight  in 
that  it  compelled  the  United  States  to  notify  the  Mexican  govern¬ 
ment  of  undercover  operations  in  Mexico.  That  agreement  handi¬ 
capped  our  law  enforcement  agencies  on  any  number  of  fronts  without 
Mexican  compromise. 

•  A  hemispheric  approach  must  be  reviewed  by  looking  beyond  Mexico 
to  our  regional  neighbors.  The  drug  war  threatens  Canada  as  well 
as  Central  and  South  America.  Coordinate  with  Canadian  SOF 
in  providing  training  to  Central  and  South  American  militaries  for 
counternarcotics  and  to  the  military  in  Guatemala,  El  Salvador,  fion- 
duras,  and  other  Latin  allies  through  SOF  assistance  to  help  them 
develop  special-mission  capabilities  for  defeating  drug  traffickers. 

The  United  States  must  move  beyond  defeatist  rhetoric  suggesting  the 
drug  war  can  only  be  managed,  not  won.  It  can  and  must  be  won.  But 
that  requires  viewing  it  realistically  and  taking  significant  action  against 
the  cartels  to  help  Mexico  gain  control  of  the  strategic  situation.  While 
general-purpose  military  forces  are  unsuited  for  winning  this  conflict, 
special-mission  units  are  essential  to  defeat  heavily  armed,  often  well- 
trained  cartel  forces  whose  capabilities  can  overwhelm  any  normal  law 
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enforcement  capability.  Mexico  lies  on  our  doorstep,  and  much  of  what 
affects  its  vital  interests  is  entwined  with  vital  US  interests.  Recognizing 
that  reality  is  the  beginning,  and  it  is  time  to  get  moving. 
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Toward  Attaining  Cyber  Dominance 


Martin  R.  Stytz 
Sheila  B.  Banks 

It’s  not  what  you  don’t  know  that  kills  you;  it’s  what  you  know  for 
sure  that  ain’t  true. 

— Mark  Twain 

Achieving  global  cyber  superiority  or  global  cyber  control  by  any 
organization  is  no  longer  technically  possible.  Instead,  the  proper  over¬ 
arching  objective  should  be  dominance  of  one  or  more  of  the  elements 
of  cyberspace  of  most  importance  to  the  organization  at  any  given  time.1 
The  successful  nation  is  the  one  that  achieves  and  maintains  strategic  and 
tactical  dominance  in  its  critical  elements  of  cyberspace  when  required.2 
Two  important  questions  related  to  the  strategic  aspects  of  cyber  conflict 
are:  what  should  be  the  basic  technological  building  block(s)  for  strategic 
cyber  defense  to  assure  dominance  of  ones  own  critical  elements  of  cyber¬ 
space,  and  what  are  the  classes  of  strategic  data  target(s)  strategic  cyber 
defense  must  protect? 

Strategic  cyber  conflict  enables  surprise,  shock,  and  confusion  to  be 
inflicted  upon  an  adversary  at  the  time  of  the  attacker’s  choosing,  in  a 
manner  of  the  attacker’s  choosing,  and  in  a  manner  that  exploits  the 
adversaries’  decision-making  biases.  Strategic  offensive  cyber  dominance 
exploits  adversary  biases  by  a  combination  of  data  exfiltration  and  manipula¬ 
tion  to  lead  adversaries  to  make  decisions  that  we  want  them  to  make.  It 
undercuts  the  opponents’  effective  decision  making  and  mission  com¬ 
mand.  Strategic  cyber  offensive  targeting  should  be  based  upon  the  de¬ 
sired  effects  on  the  data  and  decision  processes  of  the  opponent  and  not 
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upon  the  material  damage  that  may,  or  may  not,  be  inflicted.  Conversely, 
strategic  defensive  cyber  dominance  enables  effective  decision  making  for  one’s 
own  side.  It  ensures  accurate,  trustworthy,  relevant  data  is  provided  to 
friendly  decision  makers.  The  vast  amount  of  open-source  cyber- attack 
literature  demonstrates  that  no  combination  of  tactical  cyber  defense 
technologies  is  impervious.  Therefore,  one’s  own  systems  and  decision 
makers  must  be  prepared  technologically  and  psychologically  to  func¬ 
tion  despite  strategic  cyber  attacks  designed  to  undermine  situational 
awareness  (SA),  decision-making  ability,  and  mission  command  by 
attacking  their  data  and  other  elements  of  cyberspace. 

Strategic  cyber  defense  dominance  arises  from  a  combination  of  tactical 
cyber  defense  technologies,  a  resilient  cyber  defense  system  architecture, 
and  decision-maker  preparation  for  psychological  effects  of  a  strategic 
cyber  attack.  Technologically,  a  resilient  strategic  cyber  defense  should 
be  based  on  an  active,  dynamic  layered  cyber  defense  (DLCD).  Strategic 
cyber  defense  preparation  requires  training  decision  makers  via  exposure 
to  the  effects  of  cyber  attacks  so  they  can  surmount  the  challenges  posed 
by  a  strategic  cyber  attack.  Because  of  the  obvious  dangers  posed  by 
training  using  cyber  attacks  in  the  real  world,  the  decision-maker  train¬ 
ing  venue  must  be  a  simulation  environment.  The  DLCD,  situational 
awareness,  and  decision-support  approach  we  describe  complements  the 
joint  information  environment  (JIE)  or  similar  dataflow  architectures 
and  their  cyber  defenses. 

This  article  addresses  strategic  cyber  dominance,  with  a  focus  on  strategic 
cyber  defense.  It  contains  a  background  discussion  on  strategic  cyber¬ 
space  and  situational  awareness  while  examining  the  active  DLCD 
concept.1  The  article  also  presents  an  approach  to  strategic  cyber  defense 
training  and  simulation  to  prepare  decision  makers  for  the  data  uncer¬ 
tainties  and  confusion  that  will  occur  in  a  cyber  conflict. 


Strategic  Versus  Tactical  Cyberspace 

Strategic  cyber  warfare  is  a  contest  for  access,  control,  use,  and  ma¬ 
nipulation  of  the  opponents’  data  coupled  with  protection  and  con¬ 
fident  use  of  your  own  data.  In  contrast,  the  offensive  tactical  level  of 
cyber  warfare  comprises  the  technologies  used  to  penetrate  opponents’ 
cyber  defenses  and  technologies  to  exfiltrate,  alter,  or  manipulate  their 
data.  Examples  of  tactical  offensive  cyber  warfare  technologies  are 
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worms,  viruses,  botnets,  port  scanners,  Trojans,  backdoors,  and  social 
engineering  attacks  (like  phishing).  We  use  the  term  malware  to  denote  all 
offensive  tactical  cyber  warfare  technologies.  The  defensive  tactical  level 
of  cyber  warfare  concerns  the  technologies  used  to  protect  one’s  systems 
and  data.  Examples  of  technologies  used  for  defensive  tactical  cyber  war¬ 
fare  purposes  are  encryption,  firewalls,  onion  routing,  air-gapped  net¬ 
works,  biometric  logon,  and  address  space  randomization.  We  differentiate 
between  tactical  and  strategic  cyber  operations  to  highlight  the  difference 
between  the  tactical  struggle  to  control  access  to  systems  and  their  data 
and  the  struggle  to  access  and  control  cyberspace  elements  to  achieve 
strategic  objectives.  Tactical  cyber  conflict  is  dominated  by  technological 
considerations;  strategic  cyber  conflict  is  dominated  by  data,  SA,  and 
decision-making  considerations.  We  contend  that  any  physical  effects  of 
tactical-level  cyber  activities,  while  important,  are  also  irrelevant  at  the 
strategic  cyber  warfare  level. 

Cyber  conflict  is  different  from  information  operations.  Information 
operations  can  be  executed  by  a  number  of  technologies,  even  humans, 
whereas  the  data  alterations  achievable  in  a  cyber  conflict  are  unique, 
of  greater  scope,  adaptable,  and  more  rapid  than  in  information  opera¬ 
tions.  Therefore,  we  consider  cyberspace  technology  as  a  capability  that 
is  distinct  from  information  operations.  As  noted  above,  the  challenges 
faced  by  the  strategic  cyber  defender  are  increasing,  and  there  is  little 
prospect  for  achieving  complete  trustworthiness  for  any  portion  of  a 
defender’s  cyberspace  short  of  complete  isolation  from  the  Internet  (which 
obviously  negates  the  utility  of  that  set  of  the  defender’s  cyber  systems).4 
There  are  several  clear  causes  for  the  severity  and  scope  of  the  tactical 
cyber  defense  challenge.  First,  blended  tactical  cyber  attacks  are  becoming 
more  commonplace  and  should  be  expected.  Tactical  cyber  attacks  com¬ 
monly  employ  cross-channel,  cross-domain,  and  cross-functional 
components,  thereby  both  significantly  increasing  the  complexity  of  the 
tactical  cyber  attack  and  the  difficulty  of  detecting  or  defending  against 
it.  Second,  while  defenses  against  known  tactical  cyber  attacks  are  neces¬ 
sary,  they  are  not  sufficient  to  ensure  a  successful  tactical  cyber  defense 
because  new  attack  technologies  are  always  under  development.  As  a 
result,  tactical  cyber  defenses  cannot  expect  to  repel  or  mitigate  every  at¬ 
tack.  Complicating  the  problem  is  the  existence  of  an  unknown  number 
of  zero-day  attacks.  Third,  cyber  adversary  resources  are  increasing  due  to 
nation-state  involvement  and  criminal  involvement,  which  accelerate  the 
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rate  of  advance  in  cyber- attack  technologies.  Fourth,  computer  and  net¬ 
work  technology  advancements  have  traditionally  favored  tactical  cyber 
attack,  which  undermines  the  ability  of  cyber  defenses  to  repel  or  miti¬ 
gate  such  an  attack.  Finally,  tactical  cyber  standards  compliance  does 
not  guarantee  cyber  security  or  even  effective  tactical  cyber  defense  but 
does  increase  its  costs.  For  these  reasons,  cyber  defenders  should  expect 
their  tactical  defenses  to  be  breached,  they  should  expect  breaches  to  be 
increasingly  difficult  to  detect,  and  they  should  be  prepared  to  operate 
successfully  despite  a  successful  breach  while  also  recovering  from  and 
sealing  the  breach. 

Despite  the  challenges  posed  by  the  adversary’s  strategic  cyber- attack 
objectives  and  tactical  cyber  attacks,  strategic  cyber  defense  must 
endeavor  to  secure  the  cyberspace  elements  vital  to  the  current  decision¬ 
making  context.  The  approach  used  to  secure  these  elements  is  the  cyber 
defense  strategy;  typically  a  cyber  defense  strategy  is  static  or  changes 
slowly  on  a  human  time  scale.  A  decrease  in  trust  or  a  delay  in  delivery 
of  a  crucial  cyberspace  element  or  component  of  an  element  is  a  strategic 
cyber  defense  “loss.”  Specifically,  the  strategic  cyber  defense  loses  if  the 
attacker  can  (1)  retard  the  delivery  of  cyberspace  elements  or  compo¬ 
nents  needed  for  critical  decisions,  (2)  reduce  the  velocity  of  dataflow 
in  the  defender’s  cyber  systems,  (3)  force  the  use  of  outdated/outmoded 
equipment  or  systems  to  secure  cyberspace  elements  or  components, 
(4)  impede  the  exchange  of  cyberspace  elements  or  components  among 
the  defenders,  or  (5)  retard  improvements  or  adoption  of  cyberspace 
technologies.  Clearly,  cyber  attackers  will  attempt  to  increase  their 
capabilities  in  all  five  areas.  Of  critical  importance  during  a  cyber  attack 
is  that  not  all  elements  of  cyberspace  or  components  of  each  element  are 
of  equal  value  and  the  value  of  each  element  or  component  varies  over 
time  due  to  changes  in  the  decision  context.  Decision  context  alone 
determines  element  importance.  Because  element  value  varies,  the  key 
question  for  the  strategic  cyber  defender  is  which  of  the  five  areas  are 
crucial  to  the  strategic  attacker’s  success  and  which  are  crucial  to 
strategic  cyber  defense.  Cyberspace  element  priorities,  and  therefore  cyber 
defense  resource  allocation,  must  change  as  circumstances  and  decision 
context  change.  We  contend  that  the  cyber  defense  strategy  should  also 
change  as  rapidly. 

To  respond  rapidly  to  changes  in  cyberspace  element  priorities,  strategic 
cyber  defenses  must  be  able  to  dynamically,  seamlessly,  and  stealthily 
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change  to  improve  the  defenses  for  the  cyber  elements  and  components 
that  have  the  greatest  value  and  importance  at  any  given  time.  However, 
changes  in  the  defense  strategy  or  tactics  undertaken  to  increase  protec¬ 
tion  for  crucial  elements  or  components  must  not  sacrifice  lower-value 
elements  or  components  (obviously,  an  element’s  value  may  increase  in 
the  next  decision  context.)  Instead,  the  higher-value  elements  and  com¬ 
ponents  must  be  provided  with  additional  protection(s)  while  preserv¬ 
ing  the  value  of  components  and  elements  not  under  attack  or  of  less 
importance  in  the  current  decision  context.  The  foundation  for  these 
capabilities  rests  upon  DLCD  and  its  ability  to  support  rapid  changes  in 
cyber-defense  strategy  and  tactics. 

Executing  an  effective  strategic  cyber  attack  upon  an  important  strategic 
and  tactical  target  is  not  a  technologically  simple  undertaking.  A  success¬ 
ful  strategic  or  tactical  cyber  attack  requires  a  high  degree  of  technical 
sophistication,  patience,  and  a  deep,  thorough  understanding  of  com¬ 
puting  technologies,  human  cognition,  decision  making,  and  individual 
and  group  situational  awareness  development.  Perversely,  cyber  attackers 
need  not  possess  these  technological  abilities;  they  can  be  purchased 
from  people  who  do  have  them.  However  acquired,  technological  ad¬ 
vances  are  enabling  attacks  not  previously  possible  as  well  as  increasing 
the  likelihood  of  success  of  known  types  of  tactical  cyber  attacks,  which 
has  resulted  in  an  increased  ability  to  target  specific  elements  of  cyber¬ 
space.5  The  challenges  posed  by  increasingly  capable  malware  are  both 
compounded  and  offset  by  the  widespread  use  of  virtual  machine  (VM) 
and  cloud  computing  technologies.6  Cyber  attackers  have,  and  likely 
will  retain,  the  tactical  technical  advantage  and  the  initiative  requiring 
that  we  assume  that  all  cyberspace  elements  are  at  risk.  Recent  techno¬ 
logical  developments  demonstrated  by  the  Stuxnet,  Bluepill,  Flame,  and 
Conficker  tactical  cyber  attacks  indicate  the  likely  character  of  future 
attacks  as  well  as  their  likely  consequences  upon  decision  makers. 

Stuxnet  highlighted  the  challenges  faced  by  strategic  cyber  defense.  It 
apparently  only  activated  if  the  infiltrated  system  was  one  of  its  targets. 
In  a  targeted  system,  it  proceeded  to  alter  the  software  at  the  target  and 
to  search  for  new  targets  from  within  the  system.  Humans  or  computer 
systems  did  not  direct  or  manage  the  Stuxnet  campaign.  Instead,  the 
Stuxnet  software  autonomously  conducted  the  cyber  attack.  The  same 
degree  of  autonomy  must  be  expected  to  occur  in  the  future.  Of  greater 
concern  is  the  primacy  of  cyber  elements,  especially  data,  over  physical 
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systems  as  illustrated  by  the  Stuxnet  attack.  Tactically,  Stuxnet  altered 
the  performance  of  the  targeted  centrifuges;  however,  its  success  was 
critically  dependent  upon  its  capability  to  alter  data.  Stuxnet  altered 
the  centrifuge  performance  data  available  to  human  decision  makers; 
the  human  operators  believed  that  centrifuge  performance  was  correct. 
Without  this  key  cyber-element  tampering  capability,  the  Stuxnet  cyber 
attack  would  have  been  easily  detected  and  would  have  failed. 

Clearly,  future  cyber  attacks  will  target  systems  in  a  more  sophisti¬ 
cated  manner  than  Stuxnet  or  Flame.  They  will  transmit  data  from  the 
targets  and/or  subtly  modify  the  data  to  corrupt  it  in  a  malicious  but 
not  immediately  apparent  manner.  We  expect  that  future  cyber  attacks 
will  be  structured  to  introduce  false  information,  to  target  specific  indi¬ 
viduals  as  well  as  systems  for  information  degradation,  and  to  precisely 
corrupt  information  that  reaches  decision  makers  within  ongoing  cyber 
campaigns  of  tactical  and  strategic  significance.  Cyber  attacks  will  be  co¬ 
ordinated  and  mounted  in  campaigns  designed  to  maximize  confusion 
and  maximally,  automatically  exploit  tactical  and  strategic  successes. 

As  Conficker  demonstrated,  the  technology  exists  to  create  a  cyber 
weapon  consisting  of  millions  of  computer  systems  and  maintain  com¬ 
mand  and  control  of  that  weapon  despite  changes  to  tactical  cyber  de¬ 
fenses  during  the  tactical  cyber  attack.  Stuxnet  demonstrated  the  tech¬ 
nology  for  a  cyber  weapon  that  behaves  like  a  “smart  munition”  due 
to  its  capability  to  alter,  damage,  or  destroy  specific  data  on  specific 
physical  systems.  Eventually,  nations  will  possess  cyber  arsenals  contain¬ 
ing  a  variety  of  these  and  other  classes  of  controlled,  precision  cyber 
weapons  as  well  as  broad  cyber- attack  weapons.  We  should  expect  that 
cyber  campaigns  will  employ  a  wide  variety  of  malware  that  operates 
cooperatively  and  strategically  to  disorient  and  confuse  decision  makers, 
delay  decisions,  and  lead  decision  makers  to  incorrect  conclusions  and 
poor  decisions  without  being  aware  the  information  they  are  using  is 
corrupted.  Despite  the  clear  and  increasing  cyber  threat,  scant  attention 
has  been  devoted  to  either  decision  making  or  strategic  cyber  defense 
training  during  a  cyber  attack  when  decision-critical  portions  of  cyber¬ 
space  have  been  compromised.  We  can  prepare  for  and  to  some  degree 
prevent  the  disruption  caused  by  a  strategic  cyber  attack  by  exposing  de¬ 
cision  makers  to  simulated  strategic  cyber  attacks  as  well  as  by  pursuing 
new  strategic  defense  technologies  with  the  intent  of  improving  decision 
maker  situational  awareness  during  cyber  attacks. 
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Situational  Awareness 

The  unique  peril  posed  by  cyber  attacks  arises  from  the  use  of  in¬ 
formation  technologies,  including  computers,  software,  networks,  and 
sensors  in  the  network-centric  warfare  (NCW)/data-centric  warfare 
(DCW)  paradigm.7  NCW/DCW  leverages  data  and  the  other  elements 
of  cyberspace  to  improve  operational  performance  and  outcomes.  The 
improvements  in  shared  situational  awareness  and  group  decision  making 
provided  by  NCW/DCW  capabilities  reduce  information  uncertainty 
between  and  among  decision  makers.8  These  two  significant  advantages 
provide  a  detailed,  shared,  composite  insight  into  the  state  of  the  con¬ 
flict.  The  cyberspace  elements  that  support  NCW/DCW  are  the  only 
way  to  achieve  the  timely,  accurate  decisions  needed  in  current  and  future 
cyber  conflicts.  A  strategic  cyber  attack  undermines  the  data  and  other 
cyberspace  elements  used  for  decision  making  and  impairs  development 
of  individual  and  group  situational  awareness.  The  vulnerabilities  ex¬ 
ploited  by  a  tactical  cyber  attack  in  support  of  a  strategic  cyber  attack 
are  inherent  to  the  technologies  used  to  achieve  the  advantages  provided 
by  modern  cyberspace  technologies.  The  advantages  offered  by  cyber¬ 
space  technologies  make  them  profitable  targets.  A  strategic  cyber  at¬ 
tack  can  prevent  valuable  data  from  reaching  decision  makers,  corrupt 
decision-relevant  data,  corrupt  decision-support  systems,  and  corrupt 
the  other  elements  of  cyberspace.  However,  it  is  not  the  corruption  of 
the  cyberspace  elements  that  is  a  concern;  it  is  the  corruption  of  decision 
making.  The  rise  of  modern  computing  and  networking  technologies 
has  given  rise  to  the  expectation  that  correct  individual  and  shared  situ¬ 
ational  awareness  will  develop  and  facilitate  decision  making.  The  rapid 
acquisition  of  individual  and  group  situational  awareness  can  enable  a 
faster,  coherent  response  to  evolving  circumstances.  A  strategic  cyber  at¬ 
tack  adversely  affects  group  and  individual  situational  awareness. 

Situational  awareness  is  the  result  of  a  dynamic  process  of  perceiving 
and  comprehending  events  in  an  environment.9  It  enables  reasonable 
projections  of  how  the  environment  may  change  and  permits  predic¬ 
tions  concerning  future  circumstances  and  outcomes.  The  process  (see 
fig.  1)  bears  some  similarity  to  Col  John  Boyd’s  observe-orient-decide-act 
(OODA)  loop  formulation  for  situational  awareness.10  The  components 
of  the  process  are  not  stages,  but  instead  are  interlocking  cycles  that 
progress  in  relation  to  each  other  using  an  action  progression  schema. 
The  factors  promoting  individual  SA  are  both  structural  and  situational. 
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Structural  factors  include  background,  training,  experience,  personality,  in¬ 
terests,  and  skill.  Situational  factors  include  the  mission  that  is  being  per¬ 
formed  and  the  circumstances  at  the  time  of  the  mission.  Structure  and 
situational  factors  affect  situational  awareness  as  illustrated  in  figure  2. 
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Figure  1.  The  situation  awareness  cycle 

(. Adapted  from  Mica  Endsley,  “Toward  a  Theory  of  Situation  Awareness  in  Dynamic 
Systems,”  Human  Factors  37,  no.  1  [1995]) 
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Figure  2.  Situation  awareness  formation 
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Shared  (or  group)  SA  can  be  defined  as  a  common  relevant  mental 
model  of  an  environment  or  as  the  degree  to  which  an  individual’s  per¬ 
ception  of  the  environment  mirrors  the  same  situation  as  perceived  by 
others  in  the  group.  Achieving  shared  SA  benefits  from  cyberspace  dom¬ 
inance  and  an  interoperable  information  representation,  both  of  which 
demand  an  effective  strategic  and  tactical  cyber  defense.  Group  SA  ensures 
that  a  clear  and  accurate,  common,  relevant  picture  of  the  situation  is 
possessed  by  leaders  at  all  levels.  Shared  situational  awareness  requires  a 
common  comprehension  of  relevant  policy  and  strategy  as  well  as  the 
state  of  operations,  technology,  logistics,  tactics,  plans,  command  structure, 
personalities,  and  readiness  posture. 

There  are  many  factors  that  are  known  to  degrade  shared  SA  across  a 
group:  (1)  false  group  mind-set,  (2)  the  “press  on  regardless”  mind-set 
(allowing  mission  accomplishment  to  affect  objective  assessment),  (3) 
insufficient  training/ variable  skill  levels,  (4)  poor  personal  communica¬ 
tions  skills,  (5)  perception  conflicts,  (6)  frequent  changes  in  personnel, 
(7)  degraded  operating  conditions,  (8)  lack  of  a  common  set  of  informa¬ 
tion  across  a  group,  and  (9)  the  absence  of  nonverbal  cues.  In  general, 
physically  distributed  workers  have  poorer  shared  SA  than  do  collocated 
workers,  a  problem  that  is  exacerbated  by  the  tendency  to  rarely  discuss 
contextual  information  among  distributed  workers.11  A  modern,  well- 
planned  strategic  cyber  attack  will  assuredly  target  and  undercut  both 
individual  and  shared  SA  by  magnifying  the  impact  of  one  or  more 
factors  that  degrade  both.  In  light  of  these  and  other  foreseeable  devel¬ 
opments  in  tactical  cyber- attack  capabilities,  we  suggest  that  the  current 
static  defense-in-deptb  best  practice  for  tactical  cyber  defense  is  becoming 
outmoded  and  unviable  in  the  face  of  foreseeable  tactical  cyber- attack 
capabilities.  To  enable  an  effective,  flexible  strategic  cyber  defense,  a 
transition  to  a  tactical  cyber  defense  based  upon  an  active ,  dynamic  layered 
cyber  defense-in-depth  is  necessary. 

Diminishing  Cyber-Attack  Effectiveness 
through  DLCD 

Dynamic  layered  cyber  defense-in-depth  requires  active  tactical  cyber 
defense  of  data  and  other  cyberspace  elements  in  a  manner  that  provides 
rapid  and  robust  response  to  a  cyber  attack  by  isolating  the  infected  systems 
as  they  are  detected  and  augmenting  the  tactical  cyber  defense  of 
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uninfected  systems  to  prevent  the  spread  of  the  malware  infestation 
and  to  preserve  cyberspace  elements’  value.  The  key  to  deploying  effective, 
mutually  supportive,  and  coherent  dynamic,  active  defense-in-depth  lies 
in  continuous,  rapid  analysis  of  the  status  and  quality  of  the  protection 
for  cyberspace  elements  and  systems  and  using  the  resulting  evaluation  to 
immediately  alter  and  improve  tactical  cyber  defenses  for  the  targeted  data 
and  systems.  However,  since  there  can  and  will  undoubtedly  be  multiple 
infestations  and  multiple  cyber-attack  campaigns  mounted  at  the  same 
time,  the  ability  to  successfully  wall  off  multiple  infestations  and  deploy 
multiple,  independent  defensive  rings  around  uninfested  cyberspace 
elements  (and  their  components)  are  needed.  Data  valuation  and  cyber¬ 
attack  categorization  are  essential  to  the  success  of  this  approach  because 
the  value  of  the  threatened  data  should  determine  the  resources  dynamically 
devoted  to  cyber  element’s  defense. 

Fundamentally,  every  cyber  attack  has  as  its  primary  objective  control 
of  the  defender’s  cyberspace  elements  (typically  data)  by  either  the  exe¬ 
cution  of  the  attacker’s  computer  instructions  upon  the  defender’s  com¬ 
putational  resource(s)  or  the  execution  of  the  defender’s  high-privileged 
instructions  upon  the  defender’s  computational  resource(s)  using  pa¬ 
rameters  chosen  by  the  cyber  attacker.  We  can  restate  these  objectives  as 
either  executing  attacker’s  instructions  upon  the  defender’s  computer’s 
“bare  metal”  or  executing  privileged  defender  system  commands  using 
the  attacker’s  input  values.  Logically,  the  primary  objective  of  the  tacti¬ 
cal  cyber  defense  must  be  to  prevent  achievement  of  both  objectives. 
In  practice  this  has  been  difficult  for  the  tactical  cyber  defense  due  to 
the  traditional  emphasis  placed  upon  computational  throughput  and 
efficiency  and  the  resulting  reliance  upon  perimeter  tactical  cyber  de¬ 
fenses.  The  emphasis  has  become  self-defeating,  because  it  enables  tactical 
cyber- attack  success,  promotes  strategic  cyber- attack  success,  and  leaves 
the  defender  vulnerable  to  poor  situational  awareness  and  the  inevitable 
surprises  that  are  a  consequence  of  poor  SA. 

Strategic  cyber  defense  should  have  as  its  objectives  preventing  pen¬ 
etration  of  the  tactical  cyber  defenses,  and  in  the  event  of  penetration, 
preventing  the  attacker  from  determining  the  cyber  terrain,  prevent¬ 
ing  the  attacker’s  malware  from  executing,  and  if  the  malware  executes, 
preventing  it  from  accessing  its  target  and/or  communicating.  While 
these  objectives  are  pursued  somewhat  in  current  tactical  cyber-defense 
technologies,  the  first  objective  listed  receives  the  greatest  emphasis,  and 
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a  successful  penetration  usually  results  in  a  successful  cyber  attack.  The 
strategic  cyber  defensive  need  is  to  dramatically  increase  the  ability  to 
achieve  these  objectives  while  maintaining  flexibility  and  robustness  in 
response  to  a  cyber  attack. 

Because  any  static  layered  tactical  cyber  defense  can  be  defeated,  a 
DLCD  must  be  able  to  change  any  aspect  of  its  configuration  at  any 
time.  By  doing  so,  a  DLCD  (1)  makes  defeating  a  tactical  cyber  defense 
configuration  as  difficult  as  possible,  (2)  provides  cyber  defenders  with 
a  tactical  cyber  defense  environment  whose  defenses  can  be  dynamically 
altered,  (3)  provides  the  cyber  defenders  with  tools  for  rapid  detection  of 
tactical  cyber  attacks,  (4)  enables  cyber  defenders  to  successfully  operate 
despite  a  breach  in  tactical  cyber  defenses,  (5)  provides  an  environment 
that  enables  rapid  recovery  from  tactical  cyber  penetration  and  com¬ 
promise,  and  (6)  eliminates  any  advantage  a  tactical  cyber  attacker  may 
have  due  to  transitory  knowledge  of  some  aspect  of  the  tactical  cyber  de¬ 
fenses.12  To  complement  these  objectives,  we  rely  on  principles  of  cyber 
security,13  employ  state-of-the-art  tactical  cyber  security  technologies, 
and  require  a  means  for  identifying,  modeling,  and  prioritizing  the  key 
components  of  each  element  of  cyberspace  in  any  decision  context. 

Current  strategic  and  tactical  cyber-defense  technologies  give  the  de¬ 
fender  control  of  the  cyber  terrain,  allowing  the  cyber  defense  to  deter¬ 
mine  the  conditions  of  engagement  in  a  cyber  attack.  Some  current 
tactical  cyber-defense  technologies,  like  application  control  and  address 
space  randomization,  can  be  effective  in  preventing  some  unauthorized 
applications  from  executing  and  in  preventing  access  to  some  dangerous 
URLs,  but  current  tactical  cyber  defense  technologies  are  static  and  not 
completely  effective.  DLCD  appears  to  be  more  promising  and  effec¬ 
tive.  Using  DLCD,  the  cyber  defender  can  erect  an  ever-varying  maze  of 
tactical  cyber  defenses  based  on  virtual  machines,  each  with  a  different 
combination  of  properties  and  operational  characteristics  that  serve  to 
complicate  the  tactical  cyber- attackers’  challenge.  Examples  of  the  tactical 
cyber  defenders’  control  include  but  are  not  limited  to  halting  com¬ 
puting  processes,  migrating  computational  processes  from  a  compro¬ 
mised  computational  environment  to  a  secure  one,  changing  network 
communications  ports  and  addresses,  changing  M2M  authentication 
codes  and  encryption  keys,  changing  virtual  machine  configuration  and 
nesting,  purging  software,  engaging  additional  firewalls,  altering  firewall 
properties,  altering  applications,  altering  authentication  protocols,  and / 
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or  disconnecting  portions  of  the  defended  system  from  the  Internet.  The 
challenge  posed  to  the  tactical  cyber  attacker  can  be  further  complicated 
if  the  cyber  defender  feeds  false  information  concerning  the  state  of  the 
tactical  cyber  attack  back  to  the  cyber  attacker,  which  can  be  very  effec¬ 
tive  because  the  cyber  attacker  almost  always  lacks  a  noncyber  informa¬ 
tion  channel  to  ascertain  the  accuracy  of  the  information. 

Nevertheless,  as  of  this  writing,  tactical  cyber  defensive  changes  must 
be  implemented  before,  not  during,  the  cyber  engagement,  thereby  for¬ 
feiting  a  tremendous  advantage  possessed  by  the  tactical  cyber  defense. 
Altering  the  tactical  cyber  defense  during  the  attack  as  well  as  control¬ 
ling  the  tactical  cyber- attack  information  received  by  the  attacker  would 
amplify  the  tactical  cyber  defense’s  advantages  and  diminish  the  effec¬ 
tiveness  of  the  tactical  cyber  attack,  which  is  the  reason  for  the  use  of 
DLCD.  The  layers  in  DLCD  do  not  correspond  to  layers  of  security 
but  rather  to  layers  of  independent  virtual  machines  that  an  attacker 
must  navigate  to  penetrate  a  system  and  to  exploit  a  successful  tactical 
cyber  attack.  Diminishing  the  effectiveness  and  ease  of  tactical  cyber 
attacks  minimizes  the  opportunity  for  surprise,  minimizes  the  exploita¬ 
tion  of  surprise,  and  improves  protection  and  employment  of  the  four 
elements  of  cyberspace  by  the  cyber  defense.  Altering  the  cyber  terrain 
by  using  DLCD  complicates  the  tactical  cyber  attackers’  ability  to  assess 
the  progress  of  the  attack  and  decreases  their  ability  to  achieve  attack 
objective(s).  By  increasing  the  rate  at  which  the  cyber  terrain  changes 
using  DLCD,  the  tactical  cyber  defense  could  force  the  attacker  to  adapt 
so  frequently  and  to  be  so  uncertain  of  the  information  coming  back 
that  the  tactical  cyber  attack’s  chances  for  success  significantly  diminish. 
In  the  next  section  we  further  discuss  DLCD  operation. 

Active  Cyber  Defense 

Traditionally,  the  principles  for  securing  cyber  systems  include  (1)  the 
system  must  be  substantially  undecipherable,  (2)  the  system  must  not 
require  secrecy  and  can  be  stolen  by  the  enemy  without  causing  trouble, 
(3)  the  system  must  be  easy  to  change  or  modify  at  the  discretion  of 
the  correspondents,  and  (4)  the  system  must  be  easy  to  use  and  must 
neither  stress  the  mind  nor  require  the  knowledge  of  a  long  series  of 
rules.  These  principles  have  been  employed  to  a  degree  since  the  earliest 
research  in  computer  security.14  In  the  cyber-security  systems  context, 
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these  principles  demand  (1)  the  tactical  cyber  attacker  cannot  determine 
the  tactical  cyber  defenses  before  or  during  the  cyber  attack,  (2)  posses¬ 
sion  of  a  system  that  implements  the  tactical  cyber  defenses  provides  no 
insight  into  the  tactical  cyber  defense  configurations  of  similar  systems, 
(3)  the  tactical  cyber  defenses  must  be  easy  to  change  at  any  time  by 
the  cyber  defenders,  and  (4)  the  tactical  cyber  defenses  are  essentially 
invisible  to  people  that  have  no  cyber-security  responsibilities.  The  need 
for  dramatic  improvement  in  tactical  cyber  defense  points  to  the  need 
for  DLCD.  DLCD  implements  the  principles  by  being  architected  and 
designed  to  isolate  malware  infestations,  complicate  the  tactical  cyber 
attacker’s  perspective  of  the  cyber  terrain,  and  maintain  sufficient,  accu¬ 
rate,  and  trustworthy  cyberspace  elements  despite  attack.  This  approach 
differs  from  current  tactical  cyber-defense  attempts  in  its  extreme  em¬ 
phasis  on  the  four  principles  as  the  foremost  property  and  requirement 
for  the  cyber  system  without  regard  for  their  impact  on  system  performance. 

DLCD  also  emphasizes  the  importance  of  three  additional  desirable 
properties  of  a  cyber  system:  maximizing  information  velocity  within 
the  system  when  it  is  under  attack,  maximizing  the  objective  reasons  for 
user  trust  of  the  system  and  its  data,  and  maximizing  the  ability  of  the 
cyber  system  to  modify  tactical  cyber  defenses  by  either  increasing  or 
decreasing  their  complexity  and  security  properties.  The  change  in  prop¬ 
erties  is  based  upon  the  importance  of  the  information  being  processed 
by  the  system  in  relation  to  the  current  decision-making  context.  By 
prioritizing  the  security  of  the  cyber  system,  we  enable  the  attainment 
of  these  three  additional  properties. 

In  DLCD,  the  outermost  layer  of  the  tactical  cyber  defense  has  access 
to  the  computing  hardware;  each  additional  nested  layer  further  isolates 
the  hardware  from  the  cyberspace  component,  and  vice-versa.  The  in¬ 
nermost  layer  of  the  DLCD  defense  encloses  the  component.  Because 
software  probes  are  used  to  instrument  the  operation  and  performance 
of  each  layer,  DLCD  can  give  decision  makers  sufficient  time  and  in¬ 
formation  to  recognize  and  counteract  a  cyber  attack.  DLCD  also  al¬ 
lows  the  cyber  defenders  to  alter  tactical  cyber-defense  complexity  and 
configuration  at  any  time,  which  further  complicates  the  challenges 
posed  to  an  attacker.  We  contend  that  human  oversight  and  judgment 
is  crucial  to  the  operation  of  DLCD  and  for  insuring  that  a  cyber  at¬ 
tacker  does  not  trigger  tactical  cyber-defense  responses  that  squander 
resources.  As  a  result,  while  some  responses  in  the  tactical  cyber  defense 
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must  be  automatic,  the  human  decision  makers  provide  overall  guidance 
and  management  of  the  defense.  Figure  3  illustrates  the  essence  of  the 
DLCD  approach  for  a  single  element  of  cyberspace.  Figure  4  illustrates 
its  use  for  application  protection. 

The  key  to  DLCD  is  the  protection  of  each  element  of  cyberspace  by 
one  or  more  nested  Type  1  virtual  machines,  each  operated  by  its  own 
virtual  machine  monitor  (VMM)  using  different  configurations.15  Each 
virtual  machine  provides  a  layer  of  cyber-defense  protection,  having  its 
own  set  of  virtual  machine  (VM)  properties  and  traditional  tactical  cy¬ 
ber  defenses,  as  illustrated  in  figure  3.  Additional  virtual  machines  are 
added  to  the  layered  protection  as  warranted  by  the  threat  and  impor¬ 
tance  of  the  component  in  the  current  decision  context.  End-to-end 
security  within  the  DLCD  environment  is  accomplished  along  the  lines 
described  by  Cricket  Liu  and  Paul  Ablitz  in  DNS  and  BIND.16  For  ex¬ 
ample,  communication  between  virtual  machines  must  be  secure  and  re¬ 
liable.  Therefore,  data  is  encrypted  before  transmission  between  virtual 
machines  or  between  applications.  Secure  communication  is  enhanced 
using  virtual  private  network  (VPN)  technology  to  secure  interprocess 
communication  within  the  computer  system.  Issuing  virtual  machines 
and  authorized  applications  a  digital  certificate  for  authentication  pro¬ 
vides  additional  security.  Defensive  tactical  cyber  security  is  further  im¬ 
proved  by  using  DNSSEC  and  IPSEC  for  communication  within  and 
between  layers  and  IPv6  addresses  to  identify  individual  applications 
and  virtual  machines  (IPv6  addresses  are  not  shared  or  inherited).17  The 
combination  of  VM  with  other  tactical  cyber-defense  technologies  en¬ 
ables  secure,  dynamic  alteration  of  the  defensive  cyber  terrain  that  the 
attacker  must  overcome  to  achieve  cyber- attack  objectives. 

By  using  multiple  nested  virtual  machines  and  other  cyber-defense 
technologies  to  protect  the  elements  of  cyberspace,  DLCD  supports 
dynamic  allocation  of  tactical  cyber-defense  resources  by  enabling  the 
addition  of  virtual  machines  to  the  layers  of  protection  of  an  element 
or  component,  by  altering  the  mix  of  VM  types  and  configurations, 
or  by  changing  tactical  cyber- attack  detection  systems  within  each  VM 
without  altering  or  influencing  the  other  VMs  or  cyberspace  elements 
within  a  system.  Using  DLCD,  the  defensive  cyber  terrain  can  be  altered 
in  a  significant,  useful,  unpredictable  manner  that  cannot  be  detected 
or  prevented  by  the  cyber  attacker  or  by  malware  that  has  breached 
the  system’s  defenses.  DLCD  presents  tactical  cyber  attackers  with  a 
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reconfigurable  maze  that  they  must  continuously  solve  to  penetrate  de¬ 
fensive  cyberspace  and  exploit  a  penetration.  Note  that  for  each  VM 
layer  added  to  protect  a  component  or  an  element,  the  poorer  the  per¬ 
formance  of  the  enclosed  element  or  component,  which  inevitably  de¬ 
grades  the  utility  of  the  cyberspace  element  or  component  for  broader 
mission  accomplishment.  It  is  therefore  vital  that  decision  makers  al¬ 
ter  protection  only  in  response  to  actual  threats  against  cyberspace  re¬ 
sources;  otherwise  the  performance  of  the  elements  and  components 
can  be  degraded  to  such  a  degree  that  they  lose  utility  for  a  decision 
maker.  The  complexity  of  the  tradeoffs  between  element  security  and 
timeliness  is  the  basis  for  our  contention  that  humans  must  manage 
tactical  cyber  defenses  even  though  rapid  responses  must  be  executed  by 
intelligent  systems. 

By  using  a  multilayered,  nested  virtual  machine  approach  (figs.  3  and 
4)  as  the  basis  for  DLCD,  the  tactical  cyber  defense  can  respond  to  a 
tactical  cyber  attack  while  the  attack  is  in  progress.  A  dynamic  layered 
tactical  cyber  defense  based  upon  nested  VM  technologies  can  effec¬ 
tively  protect  the  four  cyberspace  elements. 
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Figure  3.  Nominal  dynamic  layered  cyber  defense  architecture  for  an 
element  showing  VMM  placement 
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The  importance  of  timely  and  accurate  delivery  of  cyberspace  ele¬ 
ments  to  decision-making  success  is  hard  to  overstate.18  Delay  leads  to 
failure  to  gain  or  maintain  situational  awareness,  to  failure  to  make  de¬ 
cisions,  and  to  incorrect  decisions.  The  need  to  share  some  portions 
of  each  cyberspace  element  to  develop  and  maintain  group  SA  further 
compounds  the  challenge  of  timely  and  accurate  delivery,  because  in 
modern  conflict  there  are  generally  many  decision  makers  involved  in 
the  assessment  and  decision  process  for  each  decision,  as  envisioned  in 
the  JIE.  While  cyberspace  elements  increase  in  value  when  shared,  the 
sharing  process  also  increases  the  vulnerability  of  the  element  and  of  the 
decision-making  process.  As  a  result,  when  decision  makers  are  assessing 
tactical  cyber-defense  approaches,  they  must  not  only  consider  how  best 
to  protect  the  elements  that  are  crucial  to  the  current  decision  context, 
but  also  how  to  protect  the  elements  and  components  delivered  to  all 
others  involved  in  the  same  decision.  The  tactical  cyber  defense  chal¬ 
lenge  is  increased  by  the  variability  in  the  elements  and  components  of 
cyberspace  across  different  decisions,  by  the  variability  in  the  ability  of 
a  cyberspace  element  or  component  to  decrease  uncertainty,  by  the  dif¬ 
ferences  in  the  tolerances  of  elements,  components,  and  decision  makers 
to  risk,  and  by  varying  perceptions  of  the  importance  of  each  decision 
within  the  evolving  situation. 

The  well-known  difficulty  of  cyberspace  element  value  assessment,  es¬ 
pecially  data,  is  increased  when  the  number  of  decision  makers  using  the 
same  elements  increases.  The  clear  solution  to  the  problem  is  to  assess 
cyberspace  element  and  component  value  in  a  variety  of  situations  and 
use  these  valuations  as  guides  to  cyber-defense  action  during  attacks.  We 
can  conduct  cyberspace  element  and  component  value  assessments  by 
monitoring  the  protection  choices  and  cyberspace  element  usage  choices 
made  during  decision  making  in  a  simulation  environment.  To  make 
the  assessment,  we  assume  that  the  relevant  cyberspace  elements  and 
components  employed  for  the  decision  are  important  and  that  the  other 
cyberspace  elements  and  components  that  are  not  considered  are  not  as 
important  in  that  particular  circumstance.  Nevertheless,  the  cyberspace 
elements  and  components  not  employed  in  a  decision  must  be  protected 
to  a  degree.  Human  participation  is  crucial  in  making  and  revising  ele¬ 
ment  and  component  priorities  for  tactical  cyber  defense  because  of  the 
complexities  involved  when  making  priority  assessments.  The  simulation- 
derived  priorities  can  be  used  to  guide  decision-maker  cyberspace 
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element  and  component  tactical  cyber  defense  choices  during  real-world 
cyber  attacks. 


Figure  4:  Using  nested  virtual  machines  to  protect  an  application  in  DLCD 
Training  Cyber  Defense 

As  cyber  attacks  increase  in  technical  sophistication  they  can  increase 
their  ability  to  target  specific  information,  data,  and  physical  resources, 
which  can  be  disorienting.  Even  an  attack  that  does  not  disorient  users 
can  still  produce  confusion,  which  in  turn  decreases  group  SA,  individ¬ 
ual  SA,  and  decision-making  quality.  The  inevitable  result  of  increased 
technical  sophistication  by  cyber  attackers  is  improvement  in  their  abil¬ 
ity  to  cloud  situation  awareness,  disrupt  decision  dissemination,  and 
prevent  accurate  feedback.  Preparation  for  decision  making  during  a  cy¬ 
ber  attack  requires  training  to  prepare  for  a  cyber  attack’s  psychological, 
SA,  and  decision-making  challenges  coupled  with  the  tools  for  informa¬ 
tion  analysis  and  management  needed  to  help  decision  makers  evaluate 
the  information  available  to  them,  assess  the  trustworthiness  of  the  in¬ 
formation,  and  develop  situational  awareness.  The  pursuit  of  cyberspace 
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SA  is  crucial  to  securing  cyberspace  and  to  attaining  SA  in  the  other 
parts  of  the  conflict — air,  ground,  sea,  or  space.  Because  cyberspace  SA 
for  both  individuals  and  groups  of  decision  makers  is  vital,  developing 
training  environments  for  decision  makers  and  strategic  cyber  defenders 
to  provide  experience  and  expertise  in  addressing  cyber  attacks  and  their 
attempts  to  undercut  SA  is  imperative.  The  needs  of  the  strategic  cyber 
defender  are  clear:  strategies  that  protect  elements  and  their  components 
when  under  cyber  attack  while  ensuring  decision  makers  have  the  com¬ 
ponents  of  the  cyberspace  elements  they  need. 

In  light  of  these  complementary  requirements,  strategic  cyber  de¬ 
fender  and  decision-maker  training  must  address  two  needs.  First,  to 
prepare  defenders  and  decision  makers  for  the  confusing,  contradic¬ 
tory,  and  misleading  cyberspace  elements  present  during  a  cyber  at¬ 
tack.  Training  can  prepare  them  to  cope  with  the  psychological  stresses 
caused  by  variations  in  cyberspace  element  availability  and  quality.  A 
key  aspect  of  this  training  must  be  learning  to  assess  cyberspace  element 
value,  both  as  it  relates  to  the  value  (importance)  of  available  elements 
in  relation  to  current  decisions  as  well  as  relative  to  the  value  of  the  ele¬ 
ments  compromised.  Decision  makers  must  learn  that  cyberspace  ele¬ 
ment  value  is  not  correlated  with  security  classification.  The  defenders 
also  need  to  evaluate  effectiveness  of  various  strategies  to  counter  cyber 
attacks  and  campaigns.  The  second  need  is  to  prepare  decision  makers  to 
exploit  cyberspace  dominance  via  effective  employment  of  trustworthy 
data  analysis/comprehension  (such  as  analysis  based  upon  big  data)  and 
data  interaction/management  technologies.  Analysis,  comprehension, 
and  interaction  must  be  performed,  in  part,  automatically  due  to  the 
volume  of  data  available.  Nevertheless,  decision  makers  must  learn  how 
to  navigate  cyberspace,  how  to  use  visualizations  as  viewports  into  criti¬ 
cal  portions  of  cyberspace,  how  to  compare  and  compose  visualizations 
to  provide  needed  insights,  how  to  identify  and  exploit  key  data,  and 
how  to  coordinate  their  navigation,  analysis,  and  comprehension  efforts 
despite  cyber  attacks  designed  to  undermine  these  efforts. 

The  challenges  posed  to  strategic  cyber  defense  in  addressing  these 
two  needs  are  significant,  because  achieving  and  maintaining  broad- 
spectrum  defensive  cyberspace  dominance  is  increasingly  difficult  and 
unreliable  due  to  improvements  in  tactical  cyber-attack  technologies. 
The  crucial  challenge  in  strategic  cyber  defense  lies  in  determining  which 
defense  to  employ  in  light  of  which  elements  require  improvement  in 
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tactical  cyber  defense  and  which  elements  are  adequately  defended  in 
the  current  decision-making  context.  Because  of  the  volume  of  data  that 
must  be  considered  and  the  rapid  pace  of  activity,  the  strategic  cyber 
defender  as  well  as  the  decision  maker  must  be  prepared  for  the  confus¬ 
ing  and  novel  information  circumstances  they  will  encounter.  Exposure 
to  simulated  cyber  attacks  can  prepare  the  strategic  cyber  defender  to 
accomplish  proper  assessment  of  cyber  circumstances  and  to  select  the 
most  advantageous  strategic  and  tactical  cyber  defense  responses  to  cy¬ 
ber  attacks. 

Preparation  of  strategic  cyber  defenders  is  critical  because  instinctive 
behaviors  exhibited  in  the  face  of  uncertainty  are  invariably  incorrect 
and  counterproductive.  Under  stress,  instinctive  behaviors  are  adopted. 
Stress-induced  behaviors  lead  to  the  use  of  emotional  bias  to  make  de¬ 
cisions  (making  the  decision  that  enables  the  person  feel  that  a  more 
positive  outcome  is  likely),  to  expectation  bias  (the  expectation  that  the 
things  the  person  wants  to  happen  will  happen),  to  loss/risk  aversion 
(the  tendency  to  value  choices  that  seem  to  minimize  risk  and  loss  in 
spite  of  any  evidence  or  data  to  the  contrary),  and  to  the  adoption  of  the 
sunk-cost  fallacy  (wherein  the  tendency  is  to  continue  an  action  because 
the  decision  maker  believes  the  situation  will  not  get  worse  or  because 
the  decision  maker  has  a  vested  emotional  and  ego  interest  in  continuing 
the  same  course  of  action).  Finally,  instinctive  behaviors  may  also  lead 
to  past-fixation  (the  tendency  to  make  decisions  based  on  the  expecta¬ 
tion  that  conditions  that  existed  in  the  past  will  recur  despite  the  fact 
that  they  can  never  recur).  Countering  instinctive,  counterproductive 
behaviors  is  difficult  and  should  be  one  of  the  main  concerns  of  strategic 
cyber  defense  training  via  simulation. 

The  tools  and  training  required  by  strategic  cyber  defenders  and  deci¬ 
sion  makers  to  prepare  them  for  the  challenges  of  cyber  conflict  must 
address  three  classes  of  cyber  situations:  operations  during  normal  con¬ 
ditions,  operations  during  a  cyber  attack,  and  operations  after  a  cyber 
attack.19  The  training,  techniques,  and  tools  that  are  vital  in  these  three 
circumstances  can  be  developed  using  simulation  environments  de¬ 
signed  to  provide  the  following  capabilities:  (1)  improve  understanding 
of  the  challenges  posed  during  a  cyber  attack,  (2)  test  and  evaluate  cyber 
defense  tools,  techniques,  and  training,  (3)  practice  using  cyber  defense 
tools  and  techniques  to  acquire  expertise,  and  (4)  assess  cyber  element 
value  during  a  wide  array  of  circumstances  to  determine  how  best  to 
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deploy  cyber  defenses.  The  tools,  techniques,  and  training  must  be  ex¬ 
tensive  and  flexible  so  they  can  be  readily  altered  to  address  new  cyber 
threats  and  tactical  cyber  attacks  as  they  arise  or  become  possible.20 

Training  Cyber  Defense  through  Simulation 

Cyber- attack  simulation  is  the  only  means  to  prepare  decision  makers 
for  the  complexity  of  the  inevitable  attacks  upon  cyberspace  elements.  It 
is  the  best  means  available  to  determine  the  strategies  to  be  used  to  se¬ 
cure  the  critical  elements  of  cyberspace  in  support  of  the  decision  mak¬ 
ers’  needs. 

Simulation  provides  a  safe  and  flexible  way  to  prepare  strategic  cyber 
defenders  and  decision  makers  for  the  challenges  faced  in  a  cyber  attack 
as  well  as  for  assessing  cyberspace  element  protection  techniques  and 
defense  strategies.  Cyber- attack  simulation  can  provide  an  environment 
that  allows  decision  makers  and  strategic  cyber  defenders  to  practice  so 
that  their  decisions  and  activities  in  the  real  world  will  produce  an  effec¬ 
tive  strategic  cyber  defense,  adequate  SA,  and  effective  decisions.  To  scale 
as  technologies  evolve,  cyber-attack  simulation  must  portray  attack  and 
defense  actions  in  a  manner  that  corresponds  to  how  these  actions  are 
perceived  by  humans,  even  as  the  attack  proceeds  and  defenses  succeed 
or  fail  in  the  simulation  environment.  To  achieve  these  goals,  the  cyber 
simulation  environment  must  capture  and  represent  the  activities  of  the 
decision  makers  and  strategic  cyber  defenders,  the  attacker  and  defender 
goals,  the  sequence  of  operations  the  attacker  will  execute,  the  activities 
of  the  tactical  cyber  defense,  logical  and  physical  data  location(s),  and 
the  potential  responses  of  the  attackers  and  defenders  to  each  others’ 
actions.  In  previous  works,  we  described  cyber- attack  simulation  tech¬ 
niques  that  can  be  used  to  model  cyber  operations,  their  components, 
and  possible  responses  to  defensive  actions.21 

The  simulation  of  cyber  attacks  presents  a  number  of  analysis  and 
assessment  challenges,  all  of  which  concern  determining  the  status  and 
importance  of  the  cyberspace  elements  available  to  decision  makers.  Pre¬ 
vious  studies  of  the  importance  of  data  to  decision  making  as  well  as 
the  challenges  posed  by  contradictory  or  confusing  data  can  be  used 
as  a  basis  for  determining  how  to  alter  cyberspace  elements  and  their 
components  in  response  to  a  simulated  cyber  attack.  To  simulate  a  cyber 
attack,  we  need  only  affect  the  cyberspace  elements  available  to  users; 
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we  do  not  need  to  infect  or  corrupt  computers  or  their  software.  For 
realistic  simulation,  the  stimuli  and  cyberspace  elements  provided  to 
decision  makers  must  contain  the  noise,  discontinuities,  and  errors  of 
the  type  that  would  be  caused  by  the  actual  cyber  activity  so  the  deci¬ 
sion  maker  and  cyber  defenders  are  accustomed  to  cyber  attacks  as  they 
might  unfold  in  the  real  world.  The  same  simulation  environment  can 
be  used  to  assess  cyberspace  element  value  and  to  develop  procedures  for 
continuing  operations  in  the  face  of  cyber  attacks. 

Four  simulation  goals  are  necessary  to  prepare  decision  makers  and 
cyber  defenders  for  cyber  attacks.  First,  teaching  them  how  to  deter¬ 
mine  the  targets  of  cyber  attacks.  Second,  teaching  them  the  techniques 
and  tactics  likely  to  be  used  against  targets.  Third,  teaching  the  deci¬ 
sion  makers  and  cyber  defenders  the  effects  of  each  type  of  attack  and 
the  techniques  and  tools  that  should  be  used  to  counteract  each  type 
of  cyber  attack.  Fourth,  teaching  them  the  means  for  explicitly  assess¬ 
ing  cyberspace  element  value  and  deploying  cyber  defenses  to  protect 
the  highest  value  information.  An  additional  consideration  for  defend¬ 
ers  is  exploring  strategies  and  tactics  to  assess  their  usefulness.  Cyber 
simulation  can  achieve  these  goals.  To  minimize  the  development  cost 
of  simulation  environments,  current  simulation  systems  can  be  coupled 
with  cyber  simulation  systems,  as  illustrated  in  figure  5.  The  scenarios 
to  be  executed  in  the  cyber  simulation  are  described  using  the  Unified 
Modeling  Language  (UML).22  To  create  realistic  cyber  simulation  envi¬ 
ronments,  the  components  of  the  cyber  simulation  environment  must 
exchange  information  about  the  cyber  attack  and  cyber  defense,  the  sta¬ 
tus  of  the  cyber  event,  and  portray  the  results  of  the  cyber  attack  and 
defensive  responses. 

The  key  to  this  approach  is  recognizing  that  simulating  a  cyber  attack 
only  requires  affecting  the  information  presented  to  the  users  in  the 
simulation  environment.  Therefore,  to  prepare  for  the  SA  and  decision¬ 
making  challenges  faced  during  a  cyber  attack,  only  the  presentation  of 
the  cyberspace  elements  must  be  altered;  the  “true”  elements  and  their 
values  need  not  be  altered.  Three  approaches  are  available  to  affect  ele¬ 
ment  presentation:  increase  the  amount  of  information  presented  via 
an  element,  block  information  needed  by  a  user  that  is  provided  by  an 
element,  and  substitute  false  information  for  the  actual  information  pre¬ 
sented  via  an  element.  For  example,  a  user  can  be  given  an  overwhelm¬ 
ing  amount  of  data,  denied  data,  or  given  a  mixture  of  accurate  and  false 
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data.  Other  techniques  that  can  be  used  to  simulate  a  cyber  attack  are: 
instructing  every  simulation  host  to  replicate  every  message  received  at 
the  host  but  with  the  number  of  messages  received  changed  by  a  random 
but  small  amount,  instructing  every  simulation  host  to  duplicate  the 
same  information  in  numerous  windows,  or  instructing  every  simula¬ 
tion  host  to  remove  random  words  from  each  message.  The  effects  of 
these  simple  measures  can  be  compounded  if  false  messages  are  repeated 
at  random  time  intervals  after  the  first  receipt  of  the  message. 


Figure  5.  Conceptual  cyber  simulation  environment 

A  cyber  training  simulation  environment  (see  fig.  5)  must  accomplish 
three  tasks  to  achieve  its  training  goals:  determine  if  a  simulated  cyber 
attack  is  successful,  determine  the  effect  of  the  simulated  cyber  attack 
upon  each  host  and  its  data,  and  portray  simulated  cyber  defensive  re¬ 
sponses  to  the  simulated  attack.  In  the  illustrated  approach,  each  host 
has  a  cyber  simulator  that  services  the  host  and  provides  these  three 
capabilities.  The  cyber  simulator  provides  each  host  with  inputs  needed 
to  portray  the  effects  of  simulated  attacks  and  defense  responses.  The 
simulation  systems  communicate  with  each  other  using  a  logically  sepa¬ 
rate  cyber  simulation  network  to  achieve  a  consistent  cyber  state  across 
the  simulation  environment. 

At  each  step  of  the  cyber  attack  and  cyber-defensive  response,  the 
simulation  environment  must  provide  appropriate,  realistic  indications 
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of  the  status  of  the  attack  and  cyberspace  elements  status/values  so  they 
reflect  the  delays  and  alterations  that  would  occur  in  the  corresponding 
real-world  cyber  attack.  For  example,  changes  in  the  tactical  cyber  de¬ 
fense  that  increase  or  decrease  the  depth  of  defense  would  be  reflected  in 
increased  or  decreased  delays  in  data  transport.  The  simulation  architec¬ 
ture  allows  cyber  defenders  to  alter  the  types  and  configurations  of  the 
tactical  cyber  defense  at  any  time.  As  a  result  of  exposure  to  a  realistic 
cyber  defense  and  attack  environment,  the  defender  and  decision  maker 
can  experience  the  effects  of  their  defensive  choices  and  experiment  with 
dynamic  techniques. 

An  example  scenario  illustrates  how  the  cyber  simulation  environment 
can  be  used  to  prepare  decision  makers  and  strategic  cyber  defenders  for 
attacks.  The  cyber  simulation  environment  could  be  tasked  to  provide 
experience  in  using  information  analysis  and  navigation  technologies 
to  detect  the  presence  of  a  botnet.  The  botnet  detection  methods  in¬ 
troduced  could  include  analysis  of  specific  network  and/or  cloud  traffic 
flows,  analysis  of  aggregate  network  and/or  cloud  traffic  data,  variations 
in  data  volume,  variations  in  network  traffic  sources  and  destinations, 
and  other  atypical  behavior.  The  training  environment  would  prepare 
the  decision  makers  and  defenders  for  the  real  world  where  one  indica¬ 
tor  of  infection  is  not  enough.  In  practice,  confirmation  of  a  botnet 
infection  requires  multiple  indicators  to  achieve  robustness  of  confir¬ 
mation  by  providing  both  the  ability  to  corroborate  data  of  dubious  or 
variable  dependability  and  minimize  the  false  alarm  rate. 

In  figure  6,  “protection”  or  “value”  rings  are  used  to  prioritize  the 
four  cyberspace  element  components.  The  rings  correspond  to  the  value 
and  priorities  assigned  to  each  cyberspace  element’s  protection.  For  the 
strategic  cyber  defender,  the  ring  model  can  be  used  to  guide  resource 
allocation  as  well  as  decisions  to  isolate  systems  or  subsystems  that  are 
compromised.  In  the  ring-modeling  approach,  the  closer  the  rings  are  to 
the  center,  the  greater  value,  importance,  and  usefulness  (of  that  cyber 
element)  is  in  the  decision  context.  The  number  of  rings  and  the  content 
of  each  ring  are  determined  by  the  decision-making  context.  As  a  result, 
the  number  and  content  of  rings  for  each  element  vary  dynamically. 
We  use  one  set  of  rings  for  each  of  the  four  elements.  Each  cyberspace 
element  ring  contains  components  of  approximately  the  same  impor¬ 
tance  for  that  element  in  a  decision-making  context.  The  ring  model 
also  serves  to  simplify  the  cyber- attack  simulation  challenge.  To  simulate 
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an  attack  within  a  decision-making  context,  we  affect  the  elements  and 
components  needed  in  the  decision  context  by  simulating  the  modifica¬ 
tion  of  the  content  of  the  specific  rings  for  those  elements  of  defensive 
cyberspace  that  are  compromised.  The  decision,  type  of  cyber  attack, 
the  tactical  cyber  defenses,  the  expertise  of  the  decision  maker,  and  the 
learning  outcome(s)  for  the  simulation  exercise  determine  the  number  of  rings 
affected  for  each  element  and  the  elements  components  that  are  altered. 


Cyber  Space 


Figure  6.  Framework  for  modeling  relative  importance  of  the  components 
of  cyberspace  elements 


A  cyber  simulation  training  environment  can  prepare  decision  makers  to 
proactively  alter  tactical  cyber  defenses,  prioritize  data,  prioritize  the  ele¬ 
ments  of  cyberspace,  and  operate  during  a  strategic  cyber  attack  wherein 
some  cyberspace  elements  and  components  are  compromised  to  an  un¬ 
certain  degree. 

The  simulation  approach  described  above  allows  us  to  address  the 
four  decision-maker  and  cyber  defender  training  considerations  with 
minimal  risk  to  real-world  cyberspace  coupled  with  high  fidelity  in  the 
cyberspace  simulation  environment.  The  simulation  problem  that 
remains  is  determining  cyberspace  metrics  for  assessing  both  simulated 
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and  real-world  cyberspace  status  and  for  developing  situational  aware¬ 
ness.  Cyberspace  metrics  must  provide  insight  into  cyberspace  state, 
cyber- attack  attempts,  cyber- attack  targets,  the  degree  of  a  cyber  attack’s 
success,  and  the  effectiveness  of  deployed  cyber  defenses  at  the  element 
and  component  levels.23 

Summary  and  Open  Issues 

Cyber  dominance  has  one  goal,  the  command  of  cyberspace  elements. 
While  decision  makers  implicitly  expect  cyberspace  dominance,  it  is  not 
assured  in  light  of  current  tactical  cyber- attack  technologies  and  tactical 
cyber  defense  technologies.  Achieving  cyber  dominance  will  not  guarantee 
victory  for  a  data  centric  force;  however,  the  lack  of  cyber  dominance 
will  almost  certainly  ensure  its  defeat.  Any  approach  to  cyber  dominance 
must  possess  two  crucial  traits:  the  approach  must  enhance  defensive 
cyber  security  and  maintain  system  reliability  during  cyber  attack.  The 
approach  described  above  for  achieving  defensive  cyber  dominance  calls 
for  DLCD  coupled  with  simulation  training  to  assist  decision  makers 
and  strategic  cyber  defenders.  It  can  provide  experience  needed  to  allow 
decision  makers  to  operate  within  a  compromised  defensive  cyber  envi¬ 
ronment  and  to  identify,  analyze,  and  predict  the  objectives  and  presence 
of  cyber  attacks.  The  same  approach  also  permits  the  development  and 
evaluation  of  strategic  cyber  defense  options  to  employ  against  various 
cyber  attacks  and  campaigns.  The  approach  complements  the  JIE  or 
similar  dataflow  architectures  and  their  tactical  cyber  defense  technologies. 

As  cyber  technologies  improve,  the  challenges  to  achieving  cyber 
dominance  will  increase.  Additionally,  the  intricacy  of  future  cyber  systems 
and  cyberspace  will  increase,  as  witnessed  by  the  development  of  inter¬ 
cloud  technologies,  “smart  grid”  technologies  for  remote  control  and 
management  of  real-world  infrastructure  (SCADA  systems),24  IPv6  de¬ 
ployment,  and  the  “Internet  of  Things.”27  We  expect  that  the  increasing 
power  of  computing  technologies  and  the  increasing  complexity  of  tac¬ 
tical  and  strategic  cyber  attacks  will  compound  the  difficulties  posed  to 
the  cyber  defender  and  create  new  pathways  for  executing  cyber  attacks. 

Preparation  for  future  cyber  attacks  requires  the  development  of  train¬ 
ing  systems  that  impart  the  experience  and  expertise  needed  to  make 
effective  strategic  and  tactical  cyber  defense  possible.  While  the  requi¬ 
site  training  systems  can  now  be  deployed,  before  an  all-inclusive  cyber 
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simulation  environment  can  be  fielded  for  training  purposes,  further 
research  and  development  to  advance  cyber  battle  understanding,  human 
behavior  modeling,  intent  inferencing,  information  display,  data  mining, 
and  decision  making  during  cyber  conflict  and  strategic  cyber  defense 
must  be  conducted.  An  additional  important  area  of  investigation  is 
gaining  a  better  understanding  of  decision  making  and  situational 
awareness  within  large-scale  and  high-volume  data  environments  that 
have  noise  and  uncertainty  inherent  to  the  data  as  well  as  due  to  cyber 
attacks.  The  required  research  in  high-data-volume  environments  lies  at 
the  intersection  of  machine  learning,  data  mining,  game  theory,  large- 
scale  data  analysis,  and  SA  development  technologies.  A  final  area  of  further 
research  is  assessment  of  the  effectiveness  of  tactical  cyber  defense 
options  best  suited  to  achieve  each  desired  cyber-defense  strategy. 

While  deception  and  information  denial  operations  are  as  ancient  as 
warfare  itself,  technically  sophisticated  cyber  attacks  permit,  for  the  first 
time,  a  wide-scale,  persistent,  and  virtually  undetectable  attack  upon 
the  data,  tools,  and  other  elements  of  cyberspace  that  a  decision  maker 
routinely  employs.  The  technically  sophisticated  cyber  attack  of  the 
future  will  destroy  or  corrupt  data,  surprise  decision  makers,  generate 
confusion,  delay  response,  and  greatly  increase  what  Clausewitz  calls  the 
“fog  and  friction”  in  war.  Because  cyberspace  will  be  contested,  decision 
makers  must  be  prepared  for  strategic  cyber  attacks  designed  to  under¬ 
mine  their  decision-making  ability.  To  be  unprepared  for  the  effects  of 
a  strategic  cyber  attack  is  to  remain  in  needless  peril.  In  the  future,  ad¬ 
dressing  the  strategic  cyber-attack  challenge  will  become  more,  not  less, 
critical  to  success.26 


Glossary 

cloud  computing — a  model  for  enabling  ubiquitous,  on-demand 
network  access  to  a  shared  pool  of  configurable  computing  resources 
(e.g.,  networks,  servers,  storage,  applications,  and  services)  that  can  be 
rapidly  provisioned  and  released  with  minimal  management  effort  or 
service  provider  interaction. 

component-level  metrics — measure  the  performance  of  specific 
characteristics  of  a  cyberspace  component.  Example  components  include 

(1)  the  number  of  page  swaps  per  time  interval  in  each  virtual  machine, 

(2)  the  average  elapsed  time  before  a  page  is  swapped  in  a  virtual  machine, 
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(3)  average  elapsed  time  to  migrate  a  virtual  machine  from  one  host 
to  another,  and  (4)  the  average  time  to  execute  RC4  encryption  a  set 
number  of  times  on  a  specified  clear  text  input  among  different  virtual 
machines  and  others.27 

cyber  attack — an  application  of  cyber  security  technologies  within 
cyberspace  with  the  intent  of  degrading  an  adversary’s  data,  computing 
technologies,  information  analysis/comprehension  and/or  information 
interaction/management  capability  to  one’s  advantage. 

cyber  defense — the  application  of  cyber  security  technologies  to  protect 
one’s  portion  of  cyberspace  to  secure  data  and  computing  technologies 
as  well  as  protect  information  analysis/comprehension  and  information 
interaction/ management  capabilities. 

cyber  security  technologies — the  subset  of  computing  technologies 
used  either  to  protect  one’s  own  data,  information  analysis/comprehension 
technologies,  computing  technologies,  and  information  interaction/ 
management  technologies  or  to  undermine  those  of  an  adversary. 

cyberspace — composed  of  four  elements:  (1)  data,  (2)  computing 
technologies  (such  as  computer  hardware,  computer  software,  computer 
networks/infrastructure,  network  protocols,  virtualization,  and  cloud 
computing),  (3)  information  analysis/comprehension  technologies  (includ¬ 
ing  information  visualization,  artificial  intelligence,  collaboration,  data 
mining  technologies,  and  big  data  technologies),  and  (4)  information 
interaction/ management  technologies  (including  human-computer  inter¬ 
action,  intelligent  agents,  human  intent  inferencing,  and  database  tech¬ 
nologies). 

digital  certificate — a  signed  public  key.  A  trusted  authority  signs  the 
digital  certificate  before  it  is  issued. 

DNSSEC  (Domain  Name  System  Security  Extensions  Convention) — 
a  set  of  Internet  engineering  task  force  (IETF)  specifications  for  securing 
certain  kinds  of  information  provided  by  the  Domain  Name  System 
(DNS)  on  Internet  protocol  (IP)  networks.  A  domain  name  server  man¬ 
ages  the  domain  names  repository  and  provides  name  resolution  for  an 
internet  zone.  The  DNSSEC  specifications  are  covered  by  Request  for 
Comments  (RFC)  4033,  4034,  4035,  and  3833  at  http://www.ietf.org 
/  rfc.html. 

exploit — software  that  attacks  a  cyber  security  vulnerability. 

(human)  intent  inferencing — an  artificial  intelligence-based  tech¬ 
nique  used  to  provide  an  intelligent  user  interface  in  which  the  goals  of 
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the  user  are  deduced  based  upon  a  history  of  user  actions  and  a  comput¬ 
able  representation  of  the  current  mission.28 

information  stream — a  logical  path  through  the  architecture  from 
an  information  source  to  a  designated  information  sink. 

IPSEC  (Internet  Protocol  Security)  is  a  set  of  protocols  for  securing 
IP  communications  at  the  network  layer,  layer  3  of  the  OSI  model,  by 
authenticating  and/or  encrypting  each  IP  packet  in  a  data  stream.  IPSEC 
includes  protocols  for  cryptographic  key  establishment. 

intercloud — a  model  for  computing  based  on  a  cloud  composed  of 
computing  clouds. 

malware — software  used  to  disrupt  computer  operation,  gather  sensi¬ 
tive  information,  or  gain  access  to  private  computer  system.  It  includes 
computer  viruses,  ransomware,  backdoors,  worms,  Trojan  horses,  root- 
kits,  spyware,  rogue  security  software,  and  other  malicious  software.  The 
type  of  malware  is  classified  based  on  how  it  is  executed,  how  it  spreads, 
and  what  it  does.  A  virus  is  malware  that  can  execute  itself  by  placing 
its  own  code  in  the  execution  path  of  another  program  and  can  replicate 
itself  by  replacing  existing  computer  files  with  copies  of  itself.  A  Trojan 
is  a  hidden  program  that  masquerades  as  a  benign  application.  A  worm 
does  not  require  a  host  program  to  propagate  but  enters  a  computer 
through  a  weakness  in  the  computer  system  defenses  and  propagates  us¬ 
ing  network  traffic  security  flaws.  A  backdoor  is  software  that  allows  access 
to  the  computer  system  by  bypassing  normal  authentication  procedures. 

rootkit — malware  that  hides  traces  of  an  attack,  installs  Trojans  and 
backdoors,  provides  the  attacker  with  root  control  of  the  system,  and 
enables  further  malicious  activity. 

situational  awareness  (SA) — “the  perception  of  the  elements  in  the 
environment  within  a  volume  of  space  and  time,  the  comprehension  of 
their  meaning,  the  projection  of  their  status  into  the  near  future,  and 
the  prediction  of  how  various  actions  will  affect  the  fulfillment  of  one’s 
goals.”29  Endsley  identifies  four  components  of  situational  awareness: 
perception  (what  are  the  facts),  comprehension  (understanding  the 
facts),  projection  (anticipation  based  upon  understanding),  and  pre¬ 
diction  (evaluation  of  how  outside  forces  may  act  upon  the  situation  to 
affect  your  projections).  These  stages  are  similar  to  but  not  identical  with 
Boyd’s  observe-orient-decide-act  (OODA)  loop  construct.30 
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smart  grid — employs  computer-based  remote  control  and  automa¬ 
tion  on  all  elements  of  electrical  power  delivery  to  optimize  electrical 
power  generation  and  distribution. 

software  gauge — software  that  converts  data  collected  by  a  software 
probe  into  a  measure  that  is  meaningful  for  a  particular  system  for  the 
purpose  of  performance  tuning,  information  assurance,  functional  vali¬ 
dation,  compatibility,  or  assessment  of  operational  correctness. 

software  probe — software  that  interacts  with  an  operating  system,  oper¬ 
ational  application,  or  subset  of  an  application  to  collect  data  for  a  gauge(s). 

virtualization — a  technique  for  emulating  a  computing  resource  and 
for  hiding  the  physical  characteristics  of  computing  resources  from  the 
systems,  applications,  or  end-users  that  interact  with  those  resources. 
Virtualization  exploits  virtual  machine  technologies.  Virtualization 
technologies  provide  six  key  benefits:  (1)  efficient  use  of  computing  re¬ 
sources,  which  reduces  information  technology  infrastructure  and  envi¬ 
ronmental  (power,  cooling,  and  real  estate)  requirements;  (2)  fault  isola¬ 
tion  in  which  an  application  error,  operating  system  crash,  or  user  error 
in  one  virtual  machine  will  not  affect  the  use  of  other  virtual  machines  on 
the  same  system;  (3)  increased  security  where  vulnerabilities  or  exploits 
can  be  contained  and  quarantined  in  a  single  virtual  machine  without 
affecting  the  entire  system;  (4)  rapid  provisioning  through  file  copy  or 
volume  cloning  used  to  rapidly  create  new  virtual  machines;  (5)  flexibly 
in  managing  change  to  include  the  ability  to  scale  according  to  the  de¬ 
mand  for  services,  unique  operating  systems,  and  service  provisioning; 
and  (6)  portability  through  the  abstraction  of  devices  combined  with 
the  encapsulation  of  virtual  data  in  virtual  disks.  Virtualization  is  a  key 
technology  for  cloud  computing. 

Additional  definitions  are  available  at  http://www.sans.org/security 
-resources/ glossary-of-terms/ and  http:/ / csrc.nist.gov/publications/ nistir 
/ir7298-revl/nistir-7298-revisionl.pdf.  KBflfi 


Notes 
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nologies,  (3)  information  interaction  and  management  technologies,  and  (4)  information  analysis  and 
comprehension  technologies. 
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Senior  Col  Ye  Zheng  and  his  colleague  Zhao  Baoxian,  stress  in  China  Youth  Daily  the  importance  of 
China’s  cyber  warfare  capabilities,  concluding  that  “just  as  nuclear  warfare  was  the  strategic  war  of  the 
industrial  era,  cyber-warfare  has  become  the  strategic  war  of  the  information  era,  and  this  has  become  a 
form  of  battle  that  is  massively  destructive  and  concerns  the  life  and  death  of  nations”  See  also  R.  A.  Clarke 
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China:  An  Unlikely  Economic  Hegemon 

Heather  Fox,  Major,  USAF 


Before  any  nation  can  achieve  hegemon  status,  it  must  have  economic 
strength.  Numerous  authors  note  that  a  strong  economic  base  is  the  seed 
from  which  all  other  sources  of  national  power  emerge  and  hence  can  be 
considered  a  type  of  national  foundation.  Martin  Jaques,  for  example, 
states  that  “military  and  political  power  rest  on  economic  strength.”1 
Economics  forms  the  support  base  for  national  power,  and  major  inter¬ 
national  power  shifts  typically  emerge  as  a  result  of  economic  develop¬ 
ments,  not  military  power  or  political  influence,  as  Paul  Kennedy’s 
research  into  several  centuries  of  global  power  politics  highlights: 

There  is  detectable  a  causal  relationship  between  the  shifts  which  have  occurred 
over  time  in  the  general  economic  and  productive  balances  and  the  position 
occupied  by  individual  powers  in  the  international  system  .  .  .  economic  shifts 
heralded  the  rise  of  new  Great  Powers  which  would  one  day  have  a  decisive 
impact  upon  the  military/ territorial  order.  This  is  why  the  move  in  global  pro¬ 
ductive  balances  toward  the  “Pacific  rim”  which  has  taken  place  over  the  past 
few  decades  cannot  be  of  interest  merely  to  economists  alone.2 

China  continues  to  grow  economically  at  what  some  consider  an 
alarming  rate.3  Meanwhile,  the  United  States,  struggling  with  budget 
woes  and  sequestration,  remains  the  world’s  preeminent  economic  and 
military  leader  but  in  decline  relative  to  China.  The  relationship  between 
these  two  nations  and  the  comparative  power  they  possess  may  well  lay 
the  foundation  for  future  global  power  shifts  impacting  not  just  China 
and  the  United  States,  but  indeed  the  entire  international  community.4 
However,  while  China  is  still  expected  to  become  extremely  powerful, 
it  may  not  rise  to  the  level  many  expect  due  to  three  limiting  factors: 
currency,  exports,  and  demographics.  These  factors,  along  with  mutual 
dependency  between  the  two  nations,  have  implications  for  US  policy 
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toward  China.  Thus,  it  is  in  the  best  interest  of  the  United  States  to  form 
a  coherent  long-term  plan  to  best  engage  China  in  a  way  that  avoids  fric¬ 
tion  and  promotes  prosperity  for  both  states. 

Certainly,  other  factors  may  significantly  shape  China’s  future,  includ¬ 
ing  domestic  unrest,  politics,  resource  consumption,  and  military  capability. 
But  it  is  the  concept  of  economics  as  the  base  of  power  that  makes  China’s 
rise  signifi candy  important  to  the  United  States.  While  the  intent  here 
is  not  to  predict  China’s  economic  future — indeed  doing  so  with  any 
certainty  would  be  difficult — formulating  long-term  US  policies  toward 
China  would  be  better  informed  by  considering  the  major  factors  which 
might  impact  its  economy  rather  than  simply  extending  current  eco¬ 
nomic  growth  trends  without  considering  dynamics  that  may  change 
its  trajectory.5  This  root  of  Chinese  power  must  be  understood  for  the 
United  States  to  successfully  relate  to  China,  influence  it  when  neces¬ 
sary,  and,  if  extreme  circumstances  require,  counter  it. 

China’s  Rising  Economy 

Experience:  that  most  brutal  of  teachers.  But  you  learn,  my  God 
do  you  learn. 

— Generally  attributed  to  C.  S.  Lewis 

China  began  economic  reforms  in  1978  allowing  more  private  owner¬ 
ship,  property  rights,  and  international  free  trade  while  still  imposing 
significant  central  government  influence.  Even  with  a  recent  slowdown, 
its  economy  has  increased  under  these  changes  at  a  stunning  annual 
rate  of  around  8-10  percent.6  Since  overtaking  Japan  in  2010,  China 
now  boasts  the  second  largest  gross  domestic  product  (GDP)  behind  the 
United  States  and  is  expected  to  surpass  the  US  economy  in  about  a  de¬ 
cade  if  it  continues  to  grow  at  the  present  rate.7  This  rising  economy,  in 
conjunction  with  the  world’s  largest  foreign  exchange  reserve  holdings 
of  $3  trillion,  bestows  significant  financial  power.8  Arvin  Subramanian 
notes  that  China  is  also  emerging  as  a  global  creditor  and  is  in  fact  the 
largest  supplier  of  funds  to  the  United  States,  creating  the  potential  for 
escalating  impact.  He  points  out  that  “being  a  leading  financier  confers 
extraordinary  influence  over  other  countries  that  need  funds,  especially 
in  times  of  crisis.”9 
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Many  believe  China’s  economic  rise  and  gathering  power  will  con¬ 
tinue,  hence  the  predictions  of  surpassing  the  United  States  in  the  com¬ 
ing  decades.  Institutions  such  as  Goldman  Sachs  and  the  Carnegie  Endow¬ 
ment  predict  China  will  surpass  the  US  economy  by  2027  or  2035, 
respectively.10  Economist  Robert  Fogel  expects  that  “by  2040  China 
not  only  will  have  long  since  surpassed  the  United  States,  but  also  its 
economy  will  be  nearly  three  times  as  large  and  will  account  for  fully 
40  percent  of  total  world  output.”11  In  a  Foreign  Policy  article,  Fogel 
contends,  “According  to  my  forecasts,  China’s  share  of  global  GDP — 40 
percent — will  dwarf  that  of  the  United  States  (14  percent)  and  the  Euro¬ 
pean  Union  (5  percent)  30  years  from  now.”12 

Viewing  Fogel’s  Foreign  Policy  article  alongside  his  National  Bureau 
of  Economic  Research  working  paper  reveals  his  2040  model  is  based 
on  China  maintaining  an  8  percent  GDP  growth  rate  with  essentially 
only  positive  influences  on  its  economy,  such  as  growth  in  education 
and  rural  production.13  A  2010  Economist  article  predicts  China  over¬ 
taking  the  United  States  sometime  in  the  2019-22  range.  Factors  cited 
for  this  conclusion  include  GDP  growth,  inflation,  and  the  increasing 
value  of  the  yuan.  Importantly,  this  article  implies  the  increasing  value 
of  the  yuan  will  enable  China  to  fiscally  overtake  the  United  States,  but 
it  gives  no  mention  to  the  dynamic  of  that  increasing  value  having  a  detri¬ 
mental  impact  on  exports.14  In  fact,  these  predictions  do  not  give  much, 
if  any,  consideration  to  China’s  major  economic  limitations.  Fogel’s  only 
nod  to  potential  problems  is  his  reference  to  skeptics  pointing  out  is¬ 
sues  such  as  “rising  income  inequality,  potential  social  unrest,  territorial 
disputes,  fuel  scarcity,  water  shortages,  environmental  pollution,  and  a 
still-rickety  banking  system,”  to  which  he  replies,  “Although  the  critics 
have  a  point,  these  concerns  are  no  secret  to  China’s  leaders;  in  recent 
years,  Beijing  has  proven  quite  adept  in  tackling  problems  it  has  set  out 
to  address.”15 

In  the  event  these  predictions  are  correct  and  China’s  GDP  surpasses 
that  of  the  United  States  between  2020  and  2040,  having  a  larger  GDP 
does  not  necessarily  bestow  the  title  “hegemon”  to  China.  One  can  argue 
the  legitimacy  of  referring  to  China  as  an  economic  hegemon  if  the 
US  dollar  and  European  Union  euro  are  still  the  leading  international 
currencies  and  China  has  only  risen  to  this  status  by  playing  outside 
the  rules  by  which  other  trading  nations  abide.  China  will  certainly  be 
powerful,  but  without  control  of  the  dominant  international  currency 
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and  faced  with  potentially  constant  global  pressure  to  change  practices, 
its  leadership  and  influence  will  be  significantly  limited.  China’s  massive 
reserves  and  rising  GDP  may  provide  economic  power,  but  the  practices 
it  will  have  to  use  to  get  to  this  predicted  position  certainly  are  not  those 
of  a  leader. 

Even  if  China’s  GDP  does  lead  the  world,  so  long  as  the  yuan  is  not 
completely  free  nor  the  leading  global  reserve  currency  and  China  uses 
unfair  practices  to  gain  an  advantage,  it  will  not  be  the  global  economic 
hegemon.  For  these  and  other  reasons,  such  as  high  raw  material  con¬ 
sumption  and  lack  of  soft  power,  David  Shambaugh  refers  to  China  as 
a  “partial  power”  having  broad  but  not  necessarily  deep  global  power 
to  influence.  “China  is  a  global  actor  without  (yet)  being  a  true  global 
power — the  distinction  being  that  true  global  powers  influence  other 
nations  and  events.  Merely  having  a  global  presence  does  not  equal  having 
global  power  unless  a  nation  influences  events  in  a  particular  region 
or  realm.”16 

Despite  this  partial  power  concept,  it  is  difficult  for  US  leaders  to 
ignore  forecasts  of  China’s  economy  expanding  by  8  percent  annually 
through  2040  as  predicted  by  Fogel  or  5.6  percent  through  2050  per 
the  Carnegie  Endowment  model.17  No  matter  the  actual  growth  rate,  so 
long  as  it  is  greater  than  that  of  the  United  States,  it  is  cause  for  concern 
within  Washington  given  the  power  this  cedes  to  China.18  For  example, 
some  Western  corporations  are  unwilling  to  criticize  China  over  a  range 
of  issues  due  to  the  financial  power  China  wields  over  them.19  Asian 
nations  may  also  be  in  the  uncomfortable  position  of  having  to  “choose 
between  the  two  giants,”  based  on  China’s  growing  strength.20 

The  paradoxical  state  of  the  Chinese  economy,  however,  is  such  that 
some  of  the  major  driving  forces  fueling  its  financial  boom  cannot  remain 
in  place  once  a  certain  level  of  power  is  reached.  Based  on  this  conflict, 
Samuel  Huntington’s  observation  that  “economic  growth  and  other  in¬ 
creases  in  a  country’s  capabilities  often  proceed  along  an  S  curve:  a  slow 
start  and  then  rapid  acceleration  followed  by  reduced  rates  of  expansion 
and  leveling  off”  seems  far  more  realistic  when  explaining  China’s  rise.21 

All  of  these  trends  could  make  China’s  rise  alarming  to  the  United 
States,  but  it  may  not  be  as  powerful  as  initially  seem  on  the  surface. 
Significant  limitations  could  slow  growth.  Although  there  are  a  multi¬ 
tude  of  factors  contributing  to  China’s  economic  rise  and  resulting  US 
trade  deficit,  those  most  likely  to  challenge  China’s  long-term  economic 
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growth  include  the  value  of  its  currency,  an  uneven  economy  based  on 
exports  and  state  investment,  and  changing  demographics  that  will  re¬ 
duce  its  workforce. 

China’s  Devalued  Currency 

China  has  engaged  in  a  deliberate  policy  of  devaluing  the  yuan 
through  currency  pegging  and  currency  restrictions  to  encourage  sig¬ 
nificant  foreign  investment  and  manufacturing.22  While  such  policies 
have  created  an  economic  boom  for  China  in  recent  years,  its  growing 
economic  power  will  make  it  increasingly  difficult  to  keep  its  currency 
value  so  low,  potentially  driving  out  foreign  investment  and  manufac¬ 
turing  to  other  developing  nations  able  to  offer  cheaper  services. 

Although  it  is  easy  to  say  Beijing  simply  devalues  its  national  cur¬ 
rency,  the  complexities  of  this  are  far  more  intricate.  The  devaluation  of 
the  yuan  has  been  largely  facilitated  through  fixing  its  value  to  the  US 
dollar  and  avoiding  its  internationalization.  Economists  estimate  that 
the  yuan  is  devalued  by  15  to  40  percent.23  China  accomplishes  this 
through  significant  purchases  of  US  Treasury  bonds  to  ensure  the  value 
of  the  dollar  remains  higher  than  the  yuan.24 

Salman  Khan,  a  US  economist  and  educator,  uses  a  hypothetical  example 
to  clarify  this  interaction.  He  explains  that  if  China  exports  $50  million 
worth  of  goods  to  the  United  States,  while  it  only  imports  $20  million 
of  US  goods,  a  $30  million  trade  deficit  ensues.  Chinese  traders  will 
exchange  their  50  million  US  dollars  for  their  own  currency,  while  US 
traders  will  want  $20  million  worth  of  that  sum  to  convert  the  yuan  to 
US  currency.  While  the  $20  million  worth  is  exchanged,  there  is  a  surplus 
of  $30  million  flooding  the  market,  and  per  supply  and  demand,  the 
value  of  the  dollar  should  fall  accordingly.  China,  however,  does  not 
want  the  value  of  the  US  dollar  to  fall,  as  this  would  increase  the  relative 
value  of  the  yuan  and  make  Chinese  manufacturing  more  expensive. 
Therefore,  China  uses  its  vast  reserve  holdings  to  buy  the  surplus  US 
dollars,  $30  million  in  this  example,  to  ensure  the  value  of  the  dollar 
does  not  fall.21  Unlike  Khan’s  example,  the  actual  2012  US  trade  deficit 
with  China  was  approximately  $315  billion.26  While  this  illustration 
explains  pegging  and  Chinese  currency  accumulation  concepts,  it  is  not 
the  cause  of  the  trade  deficit  itself.  This  involves  multiple  factors  driving 
lower  costs,  thus  higher  consumer  demand,  for  Chinese  products.  These 
are  discussed  in  following  sections. 
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This  Chinese  tactic  of  devaluing  its  currency  by  pegging  it  to  the  US 
dollar  occurred  from  1995  to  2005  and  again  from  2008  to  essentially 
current  times.27  In  2005,  the  rate  was  approximately  8.1  yuan  to  the 
dollar  and  rose  roughly  25  percent  when  it  unpegged  from  the  dollar 
in  2005. 28  When  China  reestablished  the  fixing  policy  in  2008,  the  rate 
was  about  6.8  yuan  to  the  dollar,  but  under  global  pressure,  China  an¬ 
nounced  in  2010  it  would  very  gradually  start  to  untie  the  yuan’s  fixed 
value  from  the  dollar.29  Some  loosening  has  occurred,  with  the  yuan 
currently  valued  at  approximately  6.14  to  the  dollar;  however,  it  still 
remains  largely  pegged  to  US  currency.30 

In  a  similar  vein,  China  has  managed  to  keep  the  value  of  the  yuan 
artificially  low  by  currency  restrictions  and,  until  very  recently,  essen¬ 
tially  avoided  trading  it  in  international  markets.  China’s  motivation  for 
this  policy  has  been  the  same  as  pegging  the  yuan  to  the  dollar.  Because 
of  expanding  Chinese  industry  and  economics,  the  demand  for  a  freely 
traded  yuan  would  be  high,  driving  up  its  value.  The  rise  would  subse¬ 
quently  mean  more  expensive  Chinese  goods  and  assembly,  potentially 
pushing  significant  business  to  lower-cost  nations.  Banking  executive 
Ken  Miller  states,  “Beijing  does  not  dare  make  its  capital  account  con¬ 
vertible;”  its  export  industry  simply  would  not  be  the  competitive  giant 
it  is  now  if  the  yuan  were  freely  traded.31 

Recent  developments,  however,  indicate  China  may  be  taking  Miller’s 
dare.  In  2009  China  started  to  allow  some  nations  to  import  and  export 
using  the  yuan,32  and  it  has  slowly  allowed  that  list  to  increase  to  19 
countries  and  regions  as  of  March  2013.  Brazil  and  Australia  are  some  of 
the  most  notable  new  additions  to  the  list,  and  France,  Great  Britain,  and 
Switzerland  are  also  vying  for  similar  arrangements.  New  and  potential 
currency  deals  certainly  indicate  a  significant  appetite  for  international¬ 
ization  of  the  yuan,  and  a  recent  report  from  international  bank  HSBC 
predicts  further  loosening  of  the  yuan  will  make  it  one  of  the  major 
globally  traded  currencies  by  20 15. 33  Despite  these  developments,  the 
yuan  still  has  substantial  government  controls  and  is  not  a  free-market 
commodity  allowed  to  reach  its  equilibrium  value,34  leading  China  to 
a  substantial  crossroads  regarding  its  desire  to  become  a  global  reserve 
currency  versus  the  need  to  keep  the  value  of  the  yuan  low. 

The  global  financial  crisis  created  anxiety  over  US  dollar  holdings  and 
with  increasing  fiscal  confidence,  China  is  starting  to  push  for  use  of 
the  yuan  rather  than  the  dollar  or  euro  as  a  major  international  reserve 
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currency.35  The  dollar  and  euro  made  up  about  90  percent  of  all  foreign 
exchange  reserves  in  early  2012  and  account  for  approximately  74  per¬ 
cent  of  current  international  payments  as  the  only  currencies  large  and 
powerful  enough  to  sustain  the  volume  of  international  trading.36  But 
confidence  in  these  two  currencies  is  waning,  and  some  are  looking  to 
diversify  with  alternatives.  Specifically,  China  no  longer  trusts  the  dollar, 
and  many  leaders  in  Beijing  are  making  moves  to  promote  replacing  the 
dollar  and  euro  with  the  yuan  as  a  global  reserve  currency.  To  do  this, 
though,  China  must  unpeg  the  yuan  and  allow  full  international  access 
for  it  to  become  a  trusted  international  form  of  currency  and  reserves.37 
This  means  the  value  of  the  yuan  is  very  likely  to  rise  and  the  massive 
exports  China  relies  on  to  fuel  its  economy  will  no  longer  be  as  attractive 
to  foreign  investors. 

China  cannot  attain  the  economic  influence  needed  to  be  considered 
a  fiscal  hegemon  unless  its  currency  is  at  least  one  of  the  major  inter¬ 
nationally  traded  and  saved  currencies.  Thus,  it  cannot  become  the  next 
global  economic  hegemon  without  the  value  of  the  yuan  increasing,  creat¬ 
ing  a  major  incongruity:  can  it  become  the  leading  global  economic 
power  without  the  artificial  measures  Beijing  has  put  in  place  to  fuel  the 
economy?  While  China’s  economy  can  continue  to  grow,  it  will  have 
difficulty  becoming  a  global  financial  authority  unless  the  yuan  is  freely 
traded,  but  China’s  economy  is  very  likely  to  suffer  if  the  yuan’s  value  sig¬ 
nificantly  increases.  This  dynamic  will  serve  as  a  major  growth  restraint. 
While  China  is  undoubtedly  becoming  a  financial  power,  straight-line 
economic  predictions  on  its  imminent  dominance  must  be  adjusted. 

Exports  and  the  State-Fueled  Economy 

The  International  Monetary  Fund  (IMF)  reported  that  “by  2003, 
China’s  export  growth  rate  was  seven  times  higher  than  the  export 
growth  rate  recorded  by  the  world  as  a  whole,”38  and  exports  only  con¬ 
tinue  to  thrive.39  While  this  strategy  has  certainly  succeeded  in  propel¬ 
ling  China’s  international  economy,  that  growth  has  come  at  significant 
expense  to  its  domestic  economy — that  is,  consumption  within  China 
and  the  average  individual’s  buying  power — creating  what  some  have 
referred  to  as,  “a  lopsided  giant.”40  Beijing’s  financial  policies  require  strict 
government  control  to  manipulate  the  value  of  the  yuan,  influence  inter¬ 
nal  economics  through  interest  rates  and  state  investment,  and  protect 
Chinese  banks  from  open  competition  which  could  have  a  significantly 
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upsetting  effect  on  the  Chinese  economy.41  To  achieve  these  three  effects, 
China’s  government  must  possess  considerable  reserve  holdings  to  buy 
US  bonds,  influence  and  invest  domestically,  and  have  enough  assets  to 
keep  its  domestic  banking  system  isolated.  Not  only  are  reserves  needed 
for  these  functions,  but  that  need  continues  to  grow  as  China’s  buying 
off  currency  surpluses  to  keep  the  yuan  devalued  forces  it  to  continue 
reserve  accumulation.42 

In  2010,  Chen  Zhiwu  of  MIT  assessed  that  the  Chinese  government 
controlled  approximately  70  percent  of  domestic  assets,43  and  in  February 
2012  economist  Adam  Hersh  testified  before  the  US-China  Economic 
and  Security  Review  Commission  that  “government  control  over  China’s 
economy  remains  pervasive,  including  through  direct  ownership  of 
virtually  all  of  the  formal  financial  system  and  much  of  the  economy’s 
productive  assets.”44  The  tactic  of  government  control  through  reserve 
holdings  may  work  for  China  in  the  short  term,  but  without  domestic 
stimulation,  this  unbalanced  financial  system  will  become  a  significant 
liability  if  foreign  investments  and  exports  continue  to  decline. 

China’s  domestic  consumption  is  the  lowest  among  major  global 
economies,  at  about  50  percent  of  US  rates.45  Claude  Meyer  describes 
this  state  versus  household  spending  discrepancy  by  noting,  “China’s 
financial  might  demonstrates  the  power  of  the  State,  financial  institu¬ 
tions  and  businesses,  but  does  not  in  any  way  reflect  the  situation  of  its 
households,  whose  income  lies  between  that  of  El  Salvador  and  Egypt.”46 
In  addition  to  insufficient  cash  flow  failing  to  stimulate  domestic  spend¬ 
ing,  government  interest  rate  controls  are  leading  to  minimal  invest¬ 
ment,  saving,  and  wealth  accumulation. 

The  government  in  Beijing,  through  a  closed  banking  system  with  no 
competition,  has  kept  interest  rates  it  pays  savers  low,  while  the  interest 
rates  it  charges  borrowers  are  significantly  higher  than  normal  market 
forces  would  dictate.  According  to  the  Wharton  School  of  Business,  in 
2010  China’s  tightly  governed  interest  rate  spread  between  what  borrowers 
are  charged  and  savers  are  paid  was  1.5  to  2.5  percentage  points  larger 
than  other  banks  around  the  world  which  allow  free-market  forces  to 
determine  rates.47  This  controlling  practice  leads  to  wealth  accumula¬ 
tion  for  Chinese  banks,  and  hence  the  Chinese  government,48  which  is 
needed  to  buy  off  foreign  surpluses  to  devalue  the  yuan.  It  also  creates 
yet  another  dynamic  where  the  Chinese  population  has  little  ability  to 
generate  wealth.  Artificially  low  interest  rates  may  not  keep  up  with 
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inflation,  creating  an  actual  negative  net  return  for  savers.49  Chinese  in¬ 
vestors  have  few  options  for  better  returns  due  to  significant  restrictions 
on  domestic  savers  investing  anywhere  except  Chinese  banks.50  Addi¬ 
tionally,  these  abysmal  saving  options  force  many  domestic  consumers 
to  put  aside  additional  income  to  cover  necessities  such  as  health  care  or 
education,  further  stagnating  the  domestic  consumption  engine.51 

Vice  Premier  Li  Keqiang’s  2010  comments  on  an  “irrational  economic 
structure  .  .  .  [and]  uncoordinated  and  unsustainable  development”  in¬ 
dicate  China’s  awareness  of  the  problem.62  Yet  in  June  2012,  both  lend¬ 
ing  and  deposit  interest  rates  were  cut  equally  by  25  percent,53  and  in 
July  2012,  rates  were  lowered  again  but  this  time  slightly  unequally, 
narrowing  the  rate  spread  by  0.06  percent.54  While  a  slightly  smaller 
rate  spread  is  a  step  in  the  right  direction,  it  is  questionable  how  much 
lowering  rates  in  a  way  that  benefits  borrowers,  but  not  individual  savers, 
might  stimulate  Chinese  domestic  growth. 

The  summer  of  2012  also  witnessed  slightly  relaxed  rate  restrictions, 
with  Chinese  banks  allowed  to  set  rates  as  low  as  70  percent  of  the  bench¬ 
mark  for  loans  and  up  to  1 10  percent  of  par  for  deposits.5'’  While  these 
changes  lend  hope  for  further  loosening  of  restrictions,  Chinese  banks 
are  still  highly  controlled  by  a  government  which  needs  profits  to  fuel  its 
export-driven  yuan  pegging.  The  lower  lending  rate  may  stimulate  some 
domestic  improvements,  but  China’s  overall  interest  rate  picture  can  be 
viewed  as  supporting  its  export  rather  than  domestic  economy.  Unfor¬ 
tunately  for  those  who  would  initiate  reform,  a  devalued  yuan  and  low 
interest  rates  fuelling  exports  at  the  expense  of  domestic  spending  are 
profitable  for  the  most  powerful.  Sebastian  Mallaby  and  Olin  Wethington 
explain  in  their  2012  article: 

State-owned  banks  do  not  want  to  pay  depositors  market  interest  rates.  Politi¬ 
cally  connected  borrowers,  such  as  state-owned  construction  companies  that 
build  China’s  impressive  infrastructure,  do  not  want  to  give  up  access  to  cheap 
capital.  Politically  connected  exporters,  on  whom  provincial  governors  count 
to  create  jobs  in  their  regions,  do  not  want  to  give  up  the  advantage  created 
by  the  favorable  exchange  rate.  Groups  that  have  an  interest  in  reform — savers 
who  receive  artificially  low  returns  and  consumers  who  pay  a  high  price  for 
imports — are  no  match  for  powerful  producers.56 

A  final  aspect  to  this  lopsided  picture,  but  perhaps  one  of  the  most 
important  dynamics  to  the  current  economic  boom,  is  massive  state  in¬ 
vestment  in  Chinese  industry.57  According  to  Asian  economic  theorists 
Michael  Pettis  and  Claude  Meyer,  China  is  following  a  model  that  others, 
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including  Japan,  have  used  to  jumpstart  a  national  economy.  In  very 
basic  terms,  the  model  prescribes  that  nations  with  little  industry  or 
infrastructure  inject  significant  government  investment  to  establish  a 
subsidized  and,  therefore,  very  competitive  industrial  and  production 
base.  This,  in  turn,  starts  measurable  foreign  trade  and  the  accumula¬ 
tion  of  reserves,  which  a  nation  can  further  inject  into  its  industrial 
capacity  and  enter  the  global  financial  stage.38  In  China’s  case  this  model 
has  thus  far  been  highly  successful,  with  its  “abundant  savings  deposits 
and  vast  resources  of  labour”  proving  a  powerful  engine  to  support  its 
industrial  might.59  As  Pettis  and  Meyer  point  out,  however,  the  model  is 
not  sustainable.  At  a  certain  point  every  new  industrial  enterprise  is  no 
longer  necessary,  some  of  the  significant  government  investments  fund 
unprofitable  enterprises,  and  debt  begins  to  accumulate.  Pettis  describes 
more  specifically  China’s  use  of  this  model: 

China  has  the  highest  investment  rate  ever  recorded,  and  the  highest  growth  rate 
of  investment  probably  ever  recorded,  [such]  that  we  start  to  run  out  of  economi¬ 
cally  viable  projects.  But  because  the  system  was  so  geared  toward  continuous 
increases  in  investments,  we  keep  on  investing,  and  when  that  happens,  invest¬ 
ments  become  allocated  into  projects  that  do  not  generate  sufficient  real  returns.60 

Similar  to  the  devaluation  of  the  yuan,  this  tactic  of  government- 
supported  industry  may  have  sparked  a  near-term  boom  but  set  the 
stage  for  longer-term  fiscal  problems.  The  global  economic  crisis  of 2008 
succinctly  demonstrates  China’s  long-term  problem  with  its  state  invest¬ 
ment  strategy.  When  the  global  crisis  impacted  exports  and  its  domestic 
economy  was  not  able  to  absorb  the  downturn,  the  Chinese  govern¬ 
ment  introduced  a  two-year  stimulus  plan  in  2008  worth  $600  billion. 
While  this  indeed  sparked  some  short-term  growth,  it  has  created  the 
potential  for  even  more  debt  while  doing  nothing  toward  fixing  a  more 
fundamental  problem  of  a  poor  domestic  economy  and  low  household 
incomes.61  Meyer  explains  the  recent  stimulus,  though  the  issue  he  raises 
also  illustrates  the  larger  problem  with  the  industrial  investment  model 
China  started  decades  ago: 

The  surge  in  [2008]  bank  lending  has  exacerbated  industrial  over¬ 
capacity  and  may  fuel  a  property  and  stock  market  bubble,  the  bursting  of 
which  would  leave  a  massive  overhang  of  bad  debt.  Even  more  worrying,  the 
stimulus  plan  has  worsened  rather  than  improved  the  quality  of  growth.  Invest¬ 
ment  has  taken  over  from  faltering  external  demand  and  was  responsible  for 
over  90  percent  of  growth  in  2009.  Continuing  in  2010,  the  stimulus  plan  did 
little  to  redirect  the  Chinese  economy  toward  stronger  domestic  demand.62 
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While  reserve  holdings,  artificial  interest  rates,  and  government  invest¬ 
ment  in  industry  have  helped  fuel  the  Chinese  economic  boom,  it  could 
be  at  the  expense  of  long-term  financial  health.  For  China  to  remain  on 
a  relatively  stable  economic  growth  trajectory,  its  domestic  consumption 
must  be  able  to  absorb  downturns  in  exports  which  could  result  from 
factors  such  as  the  global  financial  crisis  and  the  yuan’s  increasing  value. 
Despite  China’s  apparent  awareness,  as  evidenced  in  Vice  Premier  Li’s 
comments,  its  ability  to  grow  a  domestic  spending  engine  simply  may 
not  compensate  quickly  enough  for  the  downturn  in  exports  caused  by 
an  increasingly  powerful  yuan.63 

Therefore,  experts  contend  the  tools  China  will  need  to  effect  actual 
domestic  financial  reform  will  be  at  the  expense  of  those  it  uses  to  ar¬ 
tificially  stimulate  its  economy.  Higher  interest  rates  and  actual  returns 
on  savings  will  give  the  average  Chinese  consumer  more  confidence  to 
spend  rather  than  set  aside  earnings.  Similarly,  a  looser  market  and  ris¬ 
ing  yuan  will  also  increase  Chinese  spending  by  giving  consumers  more 
international  purchasing  power  and  increasing  imports.  Yet,  exports  and 
state  profits  gained  through  exports  and  low  deposit  rates  will  suffer,  as 
well  as  the  degree  of  Chinese  government  control  over  the  economy. 
Hence,  whether  due  to  exports  lagging  and  domestic  consumption  un¬ 
able  to  fill  the  gap  or  balancing  the  export  giant  by  generating  a  sound 
domestic  market  at  the  expense  of  “comparative  advantages”  such  as 
substantial  government  investment  or  a  devalued  yuan,64  there  may  be  a 
significant  slowing  effect  on  Chinese  economic  growth. 

Chinese  Demographics 

The  Chinese  workforce  is  approximately  900  million  to  1.34  billion 
strong,65  fueling  a  significant  production  base  for  China’s  export  boom 
with  its  cheap  labor  the  “driving  force  behind  their  industrial  competi¬ 
tiveness.”66  Two  critical  factors,  China’s  one-child  policy  and  its  lack  of 
health  care,  however,  may  cut  away  at  these  numbers  and  greatly  reduce 
the  masses  available  to  work  in  assembly  lines,  factories,  and  production 
facilities.  It  is  this  future  impact  to  the  available  workforce  that  will  serve 
as  the  final  influence  to  plateau  Chinese  economic  expansion. 

Different  sources  cite  slightly  different  fertility  rates  in  China  today, 
but  the  child-to-mother  ratio  ranges  from  1.1  to  1.56  thanks  to  the 
one-child  policy.67  At  the  same  time,  a  dynamic  called  replacement  rate, 
which  is  the  fertility  rate  a  population  requires  to  remain  at  relatively 
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constant  numbers,  is  currently  2.1  children  per  mother  for  China.68 
This  discrepancy  indicates  a  population  decline  at  some  future  point. 
The  UN  estimates  China’s  population  will  peak  in  2015,  followed  by  a 
rapid  drop-off  as  a  direct  result  of  the  one-child  policy.69  A  ripple  effect 
of  the  one-child  policy  will  lead  to  further  decreases  in  coming  genera¬ 
tions  due  to  significantly  more  boys  than  girls  being  born,  as  Chinese  cul¬ 
ture  favors  male  offspring,  leading  to  some  female  infanticide,  or  more 
commonly,  sex-selective  abortions.  Therefore,  “In  about  20  or  25  years’ 
time,  there  will  not  be  enough  brides  for  almost  a  fifth  of  today’s  [Chinese] 
baby  boys — with  the  potentially  vast  destabilizing  consequences  that 
could  have.”70 

A  final  effect  of  the  policy  is  an  aging  population.  Because  Chinese 
children  are  not  replacing  their  elders  in  equivalent  numbers,  the  per¬ 
centage  of  the  population  over  the  age  of  60  is  expanding,  while  the 
percentage  of  those  below  14  is  falling.71  An  older  population  will  sig¬ 
nificantly  reduce  the  work  force,  with  China’s  2010  ratio  of  nine  laborers 
per  retiree  falling  to  just  four  per  retiree  by  2030. 72  The  aging  popula¬ 
tion  also  means  an  increased  health  care  burden.  A  World  Health 
Organization  study  predicts  China’s  “burden  of  diseased  population”  as 
a  percentage  of  overall  population  will  rise  dramatically  from  44  percent 
in  2004  to  65  percent  in  2030  due  to  its  elderly  increase.73  Thus,  the 
coming  decades  will  see  the  one-child  policy  significantly  eat  away  at 
China’s  overall  population  and  masses  of  cheap  labor,  and  the  increasing 
portion  of  elderly  Chinese  will  add  an  additional  burden  to  that  decreas¬ 
ing  workforce. 

While  demographic  impacts  of  the  one-child  policy  will  impact 
China’s  approximately  billion-strong  workforce  as  early  as  2015,  the 
growing  health  crisis  will  also  factor  into  its  economic  future.  Yanzhong 
Huang,  a  senior  fellow  for  global  health  at  Seton  Hall  University,  has 
termed  China,  “the  sick  man  of  Asia,”  based  on  the  alarming  rates  of 
disease  and  sickness  there  today.  China  leads  the  world  in  diabetes  and 
noncommunicable  diseases  such  as  cancer;  has  a  significant  and  increas¬ 
ing  HIV/AIDS  threat;  accounts  for  one-third  of  worldwide  hepatitis 
B  virus  carriers;  and  faces  a  burgeoning  mental  health  crisis  with  data 
suggesting  an  approximate  50  percent  rate  of  mental  illness.74  Many 
of  these  problems  stem  from  an  aging  population  but  also  from  China 
focusing  on  manufacturing  and  GDP  growth  rather  than  any  type  of 
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effective  health  care  system.  While  officials  are  starting  to  reform  health 
care,  it  still  has  a  long  way  to  go.75 

Government  investment  in  health  spending  has  increased  since  2002, 
and  the  Chinese  government  now  reports  94  percent  of  its  population 
has  some  sort  of  health  care  coverage.  Despite  this  seemingly  positive 
trend,  the  system  is  government-run  with  an  inefficient  structure,  suf¬ 
fers  from  rampant  corruption,  and  emphasizes  care  in  urban  areas  at 
the  expense  of  rural  ones.  Therefore,  the  reality  is  closer  to  the  coverage 
provided  by  a  2010  rural  cooperative  program  that  technically  covers  in¬ 
dividuals,  but  only  at  the  rate  of  “8.6  percent  of  total  health-care  expen¬ 
ditures  per  capita.”76  This  means  many  average  citizens  have  to  set  aside 
savings  to  cover  potentially  significant  out-of-pocket  expenses  for  health 
care  at  the  cost  of  domestic  spending.  As  Huang  explains,  “When  people 
have  to  worry  about  expensive  medical  bills,  they  are  less  likely  to  spend 
money  on  other  things.  Between  the  mid-1990s  and  2006,  more  than 
50  percent  of  total  health  care  spending  was  out-of-pocket  payments.”77 
Unfortunately,  the  situation  may  be  difficult  to  resolve.  The  Yale-China 
association  highlights  that  China  may  struggle  to  find  an  easy  solution 
with  significant  obstacles  to  providing  quality  care,  including  “a  hybrid 
market-socialist  society,”  no  established  health  insurance  industry,  and 
low  per-capita  income.78 

While  this  is  a  dismal  state  of  affairs  in  human  terms,  it  will  also 
hit  China  on  an  economic  level.  Widespread  health  issues  mean  a  loss 
of  productivity;  a  2011  report  by  economists  and  health  care  experts 
concluded  that  in  2005  China  lost  a  sum  equivalent  to  13  percent  of 
its  GDP  due  to  disease  and  lost  labor.79  An  aging  population  with  little 
health  care  will  also  push  workers  to  spend  less  time  on  the  production 
line  and  more  time  taking  care  of  elderly  parents  and  grandparents.80 
And  finally,  as  with  low  interest  rates,  significant  out-of-pocket  health 
expenses  for  not  only  an  individual  worker,  but  an  aging  family  as  well, 
means  less  money  going  into  the  domestic  Chinese  economy.81 

China  is  beginning  to  add  more  health  reforms,  and  prudent  measures 
to  improve  the  quality  of  health  care  and  insurance  coverage  may  solve 
some  of  these  issues.  Although  true,  it  will  be  at  the  expense  of  pro¬ 
duction,  as  expressed  by  Salvatore  Babones:  “Todays  little  emperors  will 
spend  their  most  productive  years  taking  care  of  their  parents.  And 
as  they  do,  China’s  economic  activity  will  have  to  move  away  from 
high-productivity  manufacturing  and  toward  low-productivity  health 
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services.”82  Jack  Chow  of  Carnegie  Mellon  University  paints  a  slightly 
more  promising  picture  with  Beijing  further  increasing  health  reforms 
in  2009  and  government  programs  leading  to  a  3  percent  drop  in  child 
mortality  and  incidents  of  tuberculosis  decreasing  45  percent  from 
2000  to  20 10. 83  While  these  trends  are  good  news  for  Chinese  citi¬ 
zens  and  one  hopes  they  persist,  continued  health  care  improvements 
will  divert  funds  from  practices  allowing  continued  GDP  expansion. 
According  to  Meyer,  “The  financial  cost  of  such  a  [health]  system  is 
likely  to  become  increasingly  onerous,  and  perhaps  even  crushing,  as 
the  population  ages  and  the  labour  force  shrinks  as  it  will  from  2015- 
20.”84  Whether  lost  workdays  and  household  health  care  costs  limit 
domestic  spending  or  Beijing  decides  to  spend  resources  to  overhaul 
its  health  system,  either  path  will  cost  China  and  impact  its  economy. 

Thus,  the  combined  effect  of  the  one-child  policy  and  an  impend¬ 
ing  health-care-related  slowdown  is  likely  to  influence  China’s  ability 
to  produce  at  current  rates.  Its  leaders  clearly  understand  this  exports- 
based,  state-capital-infused,  and  cheap-labor-driven  economy  is  not 
sustainable,  and  the  Chinese  government  has  emphasized  increasing 
productivity  to  fill  the  gap.  A  2011-15  “Five  Year  Plan”  has  been  put 
in  place  which  will,  among  other  things,  put  a  premium  on  productivity, 
with  rewards/repercussion  for  companies  based  on  efficiency  perfor¬ 
mance.  85  Since  China  is  currently  in  the  lower  ranks  on  the  global 
productivity-per-worker  scale,  there  is  room  for  substantial  improve¬ 
ment.86  It  is  possible  then,  that  it  may  offset  the  decline  in  workforce 
with  increased  productivity.  Despite  the  potential  for  increased  pro¬ 
duction  technology  reducing  the  number  of  workers  needed,87  it  is 
still  conceivable  a  significant  reduction  in  the  workforce  will  hamper 
China’s  cheap  exports  machine.  Whether  this  is  through  less  capacity 
to  produce  or  higher  wages  to  a  smaller  but  more  skilled  workforce,  it 
will  be  further  impacted  by  the  possible  effects  of  a  “crushing”  health 
care  crisis.  Although  challenging  to  accurately  predict,  it  is  quite  fea¬ 
sible  all  these  factors  will  have  an  overall  negative  influence  on  China’s 
capacity  to  produce  through  2015-30  as  both  population  decline  and 
the  health  crisis  begin  to  fully  bear  their  weight. 


Strategic  Studies  Quarterly  ♦  Spring  20 1 4 


[101] 


Heather  Fox 


Implications  for  US  Policy 

The  preservation  of  commercial  and  financial  interests  constitutes 
now  a  political  consideration  of  the  first  importance,  making  for 
peace  and  deterring  from  war. 

— Alfred  Thayer  Mahan,  July  1902 

Forecasting  China’s  economic  and,  therefore,  military  and  political 
power  in  the  coming  decades  with  any  precision  is  difficult  due  to  a  vast 
range  of  changing  dynamics.  These  include  some  important  issues  not 
discussed  here,  such  as  its  vast  consumption  of  raw  materials,  the  global 
oil  market,  and  ecological  factors.  What  does  seem  clear,  however,  is  that 
an  undervalued  yuan,  large  state  investment,  and  masses  of  cheap  labor 
are  not  sustainable,  leading  to  an  eventual  economic  slowdown.  Given 
this  likelihood  of  China  not  surpassing  the  United  States  economically 
in  the  coming  decades  and  settling  into  a  position  of  “partial  power,” 
as  David  Shambaugh  suggests,  what  are  the  implications  for  US  policy 
toward  China? 

Economics  as  a  Policy  Tool 

Foremost,  one  must  understand  the  potential  for  misunderstandings 
is  high.  Headlines  proclaiming  China’s  economy  will  overtake  that  of  the 
United  States  in  20-30  years  or  that  China  holds  22  percent  of  US  foreign 
debt  may  strike  fear  in  the  hearts  of  US  officials  and  the  American  public, 
leading  to  shortsighted  policies  and  unhelpful  rhetoric.  A  Pew  Research 
Center  poll  found  that  at  the  end  of  2009,  53  percent  of  Americans 
viewed  China  as  a  major  threat,  while  44  percent  thought  China  was 
the  world’s  leading  economic  power  compared  to  the  37  percent  who 
thought  the  United  States  had  the  foremost  financial  strength.88  Such 
factors  may  be  easy  targets  for  political  candidates  to  exploit,  which  only 
strengthens  the  escalation  potential  of  such  rhetoric. 

US  leaders  need  to  understand  that  China’s  economy  is  not  as  threat¬ 
ening  as  a  cursory  analysis  might  indicate.  This  does  not  mean  China’s 
monetary  rise  should  not  demand  significant  attention.  On  the  contrary, 
US  policymakers  must  dig  deeper  to  see  China  is  an  emerging  power 
with  significant  growing  pains  yet  to  overcome  and  with  considerable 
dependence  upon  the  United  States.  Rather  than  viewing  China’s  grow¬ 
ing  economy  as  a  threat,  it  must  be  continually  analyzed  and  understood 
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to  find  ways  to  work  toward  mutual  benefit  rather  than  allowing  mis¬ 
understanding  and  fear  to  drive  inappropriate  headlines  or  policies. 

Claude  Meyer  asserts,  “The  United  States  is  a  key  [Chinese]  economic 
partner  at  the  moment,  but  it  is  American  hegemony  that  will  ultimately 
be  challenged.  The  quest  for  supremacy  in  Asia  is  just  a  step  on  the 
way.  .  .  .  There  can  be  no  doubt  that  considerable  tension  will  remain.”89 
This  tension,  along  with  press  reports  and  slightly  frenetic  attitudes  of 
China  overtaking  US  hegemony,  has  potential  to  lead  to  US  missteps 
which  must  be  avoided.  Shambaugh  supports  this  concept  in  his  com¬ 
ments  on  overestimating  China’s  dominance: 

China  is  certainly  not  about  to  “rule  the  world,”  [as]  in  the  estimate  of  Martin 
Jaques’s  recent  popular  book.  To  the  contrary,  as  Joseph  Nye  has  observed:  “The 
greatest  danger  we  have  is  overestimating  China  and  China  overestimating  it¬ 
self.  China  is  nowhere  near  close  to  the  United  States.  So  this  magnification  of 
China,  which  creates  fear  in  the  U.S.  and  hubris  in  China,  is  the  biggest  danger 
we  face.”90 

Understanding  not  only  China’s  long-term  economic  sustainability 
challenges,  but  also  the  interrelationship  between  the  economies  of 
China  and  the  United  States  is  important  for  developing  policy  and 
successfully  navigating  these  tensions.  One  of  the  more  significant  con¬ 
cerns  is  China’s  massing  of  US  securities,  which  could  confer  substantial 
power  over  the  US  economy.  Due  to  China’s  need  to  buy  US  trade- 
deficit  funds,  primarily  US  Treasury  bonds,  its  holdings  of  US  assets 
was  an  impressive  $1.16  trillion  in  September  2012 — approximately  22 
percent  of  US  foreign  debt.91  While  this  has  been  a  source  of  anxiety  in 
terms  of  China’s  potential  impact  and  power  over  the  US  economy,  it 
also  leverages  significant  US  influence  over  the  Chinese  economy.  Esti¬ 
mates  put  China’s  foreign  exchange  reserve,  arguably  the  bedrock  of  its 
economy,  at  approximately  70  percent  in  US  dollars.92  China  has  just 
as  much  cause  to  feel  uncomfortable  about  the  economic  relationship  as 
the  United  States. 

Some  contend  that  China  selling  off  US  securities  or  significantly 
lowering  its  US  investment  rate  represent  their  two  largest  economic 
concerns.93  Both  would  flood  the  market  with  US  assets  and  lower  the 
value  of  the  dollar,  not  to  mention  introducing  significant  flux  into  the 
US  economy.  The  potential  for  these  actions  also  calls  into  question  the 
extent  of  influence  such  involvement  in  the  US  dollar  confers  to  China. 
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Although  these  three  concerns  are  legitimate,  China’s  economic  threat 
may  not  be  as  one-sided  and  powerful  as  it  initially  seems. 

While  any  large-scale  selloff  of  US  Treasury  bonds  would  lead  to  the 
US  dollar  falling,  this  would  also  diminish  the  value  of  China’s  sizable 
savings  in  US  dollars.  Further,  the  United  States  constitutes  China’s  largest 
export  market.94  If  the  value  of  the  US  dollar  falls  and  the  US  economy 
declines,  Chinese  export  profits  will  suffer.  China  could  deliver  an  eco¬ 
nomic  blow  to  the  United  States  by  rapidly  selling  US  Treasuries;  how¬ 
ever,  any  lessening  of  the  dollar’s  value  or  the  purchasing  power  of  the 
US  consumer  will  subsequently  impact  China  by  reducing  the  value  of 
its  vast  savings  in  US  dollars  and  its  ability  to  export  to  US  consumers. 

There  is  also  concern  that  China  will  stop  investing  so  heavily  in  US 
Treasuries  for  any  number  of  reasons,  including  diversifying  its  finan¬ 
cial  holdings  or  investing  in  domestic  Chinese  programs  instead.  While 
a  slow  and  deliberate  reduction  of  Chinese  investment  could  even  be 
positive  for  the  United  States  if  it  means  unpegging  the  yuan,  an  abrupt 
and  significant  decrease  from  current  levels  could  be  considerably  detri¬ 
mental  to  the  US  economy  if  it  does  not  allow  for  other  markets  to  fill 
the  void.  As  noted  in  a  recent  report  to  Congress,  “Given  [a]  relatively 
low  savings  rate,  the  US  economy  depends  heavily  on  foreign  capital  in¬ 
flows  from  countries  with  a  high  savings  rate  (such  as  China)  to  meet  its 
domestic  investment  needs  and  to  fund  the  federal  budget  deficit.”93  A 
rapid  reduction  of  Chinese  purchases  will  have  a  similar  effect  on  large- 
scale  sales  of  US  Treasuries,  in  that  a  surplus  of  assets  will  inundate 
markets,  and  the  value  of  the  US  dollar  will  fall.  While  the  US  economy 
will  no  doubt  suffer  in  the  event  of  a  rapid  reduction  of  Chinese  invest¬ 
ment,  so  will  China’s.  Once  again,  the  Chinese  action  impacting  the 
dollar  will  produce  a  counteraction  to  lessen  the  value  of  China’s  vast  US 
holdings  and  reduce  its  exports  to  the  United  States  so  long  as  the  cur¬ 
rent  state  of  dependency  exists.  China  cannot  fiscally  wound  the  United 
States  without  also  hurting  itself. 

As  long  as  US  leaders  understand  these  interactions,  China  has  little 
influence  to  bend  US  markets  and  policies  to  its  will  through  economic 
intimidation  or  otherwise,  as  it  has  much  to  lose  if  US  markets  fail.  As 
viewed  from  the  Chinese  perspective,  the  United  States  has  significant 
influence  over  China’s  economic  future  as  the  controller  of  that  asset. 
Further,  and  in  the  most  extreme  and  abysmal  of  circumstances,  should 
the  two  nations  come  to  outright  hostilities,  those  US  Treasury  bonds 
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representing  most  of  China’s  national  wealth  are  unlikely  to  be  honored 
and  may  well  turn  the  vast  Chinese  savings  into  a  worthless  pile  of  IOU 
notes.  US  economic  reliance  on  China  is  unquestionable  and  under¬ 
standably  uncomfortable;  nevertheless,  China  is  just  as  much  a  hostage 
of  US  economic  policies.  This  marriage  somewhat  negates  the  question 
of  untoward  Chinese  influence  over  US  policy,  and  the  threat  of  hostile 
Chinese  economic  actions  wanes  with  an  understanding  of  the  second- 
order  effects  US  finances  have  on  China.  The  US  economy’s  reliance  on 
China  may  not  be  comfortable,  but  China  is  also  dependent,  with  that 
dependency  conferring  still  significant  US  leverage  over  China  if  required. 

In  determining  US  policy  toward  China  then,  the  bottom  line  is  the 
use  of  economics  as  a  policy  tool  can  and  should  be  employed  if  neces¬ 
sary  to  forestall  physical  conflict.  There  are  global  precedents  for  the  use 
of  economics  as  a  weapon  in  warfare.  Nicholas  Lambert’s  Planning 
Armageddon  outlines  Great  Britain’s  plan  to  destroy  Germany  fiscally 
at  the  outset  of  World  War  One  as  an  alternative  to  continental  war¬ 
fare.  The  economic  plan  was  executed  in  August  1914  to  such  effect  that 
after  just  three  weeks,  neutral  nations  and  powerful  bankers  successfully 
pressured  the  British  government  to  stop,  based  on  fears  of  the  impact 
on  global  markets.  Assuming  the  war  would  be  quickly  won  anyway, 
Britain  succumbed  to  pressure  and  quickly  ended  the  economic  warfare 
plan  and,  in  its  place,  carried  out  a  drastically  reduced  fiscal  attack  in  the 
form  of  a  naval  blockade  on  Germany.96  One  must  wonder  how  much 
might  have  been  saved  had  Britain  carried  through  on  its  economic 
plan  instead? 

Another  example  is  that  of  the  United  States  pressuring  the  United 
Kingdom  to  withdraw  from  Egypt  in  the  Suez  Crisis  of  1956.  The  pound 
sterling’s  stability  and  value  was  key  to  British  economics,  and  the  UK’s 
outflow  of  financial  reserves  at  the  time  was  seriously  threatening  the 
pound  in  comparison  to  the  dollar.  To  save  the  pound  sterling,  the  UK 
needed  a  massive  inflow  of  currency  through,  at  the  time,  the  essentially 
US-controlled  IMF.  The  United  States  successfully  used  this  leverage  to 
force  Britain  out  of  Egypt  with  the  incentive  of  an  IMF  bailout;  “The 
United  Kingdom’s  need  for  financial  assistance  gave  the  Americans  the 
perfect  lever  to  force  an  immediate  withdrawal.”97 

Aside  from  historic  examples,  economist  Robert  Ross  cites  more 
recent  instances  of  this  working  for  the  United  States  with  respect  to 
China:  “In  bilateral  economic  relations,  the  United  States  has  negotiated 
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with  China  to  resolve  conflicts  arising  from  Chinese  protectionism  and 
from  Beijing’s  inadequate  protection  of  intellectual  property  rights.  In 
each  case,  Washington  has  used  coercive  tactics  to  elicit  near  one-sided 
Chinese  compliance.”98 

More  specifically,  in  1992  the  United  States  threatened  significant 
economic  sanctions  if  China  did  not  make  considerable  trade  reforms 
allowing  increased  external  access  to  Chinese  markets,  and  by  1995  most 
requested  reforms  were  in  place.  Perhaps  most  important  was  China’s 
2001  accession  into  the  World  Trade  Organization  (WTO),  which  oc¬ 
curred  only  after  it  completed  a  number  of  trade  reforms  requiring  years 
of  negotiation  and  coming  primarily  at  the  behest  of  the  United  States 
and  the  European  Union.99 

Despite  an  apparent  working  relationship  on  the  economic  front, 
the  same  cannot  be  said  for  US  military  and  diplomatic  relations  with 
China.  Chinese  aggression  in  the  South  China  Sea,  its  military  buildup 
with  opaque  strategic  intent,  and  cyber  intrusions  are  just  some  con¬ 
cerns  where  the  United  States  has  recently  tried  to  exert  diplomatic  and 
military  power  to  clarify  or  change  Chinese  actions.  Despite  consider¬ 
able  effort  and  increased  US  military  presence  in  Southeast  Asia,  the 
United  States  has  had  little  to  no  success  in  altering  these  Chinese  activi¬ 
ties.100  On  the  other  hand,  the  instances  of  fiscal  pressure  account  for 
just  a  few  examples  of  US  economic  power,  and  many  more  fiscal  issues 
have  been  resolved  through  US  pressure  and  threats  of  economic  sanc¬ 
tions.101  Although  these  illustrations  have  far  deeper  complexities  than 
presented  here,  they  demonstrate  the  general  trend  of  China  bending  to 
US  pressure  when  that  pressure  is  in  the  form  of  an  economic  rebuke 
rather  than  political  or  military  threats. 

Conclusion:  US  Foreign  Policy  and  China 

“Treat  China  as  an  enemy,”  goes  one  piece  of  well-worn  conven¬ 
tional  wisdom,  “and  it  will  become  one.  ” 

— Aaron  Friedberg,  A  Contest  for  Supremacy 

China  is  unlikely  to  sustain  its  current  economic  growth  rates  and 
surpass  the  United  States,  thus  leaving  US  hegemony  probable  for  at 
least  the  near  future.  China  and  the  United  States  work  best  on  the 
economic  level,  with  the  United  States  being  somewhat  successful  in 
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pressuring  China  into  reforms  through  the  weight  of  economic  sanc¬ 
tions.  The  United  States  also  has  significant  leverage  over  China  because 
its  wealth  is  dependent,  at  least  for  now,  on  the  health  of  the  US  dollar. 
Historical  precedence  also  demonstrates  fiscal  power  can  be  a  potent 
tool  when  applied  to  other  nations. 

When  considering  these  aspects  of  US  foreign  policy  toward  China, 
one  must  also  consider  Paul  Kennedy’s  point  that  economics  is  the  sup¬ 
port  base  of  all  other  forms  of  national  power,  and  ensuring  that  defense 
spending  and  economic  growth  remain  in  healthy  equilibrium  is  essen¬ 
tial  for  long-term  national  success.  The  United  States  may  be  in  danger 
of  overstretch  and  tipping  the  balance  too  far  toward  military  spending 
at  the  expense  of  the  US  economic  engine.102  Binding  together  all  these 
concepts  could  lead  to  the  belief  that  US  foreign  policy  toward  China 
should  allow  significantly  more  flexibility  than  directed  by  the  2012 
Sustaining  US  Global  Leadership  strategic  guidance  emphasis  on  the  “re¬ 
balance  toward  the  Asia-Pacific  region.”103  This  would  possibly  ease  ten¬ 
sions  while  also  allowing  the  United  States  more  resources  to  spend  on 
strengthening  its  economy.  Yet,  what  about  China’s  continued  lack  of 
recognition  of  international  norms? 

Chinese  economic  practices  are  at  times  outside  of  international 
trading  norms  as  they  give  China  a  significant  advantage  over  other 
trading  bodies,  but  there  are  also  issues  such  as  China  increasingly  ignor¬ 
ing  international  and  UN  convention  by  claiming  much  of  the  South 
China  Sea  for  its  abundant  resources.104  How  should  the  United  States 
react  if  China’s  aggressive  actions  in  the  South  China  Sea  continue  and 
freedom  of  navigation  in  international  waters  is  restricted,  or  Chinese 
actions  infringe  upon  the  claims  of  US  allies?  While  these  examples  are 
by  no  means  exhaustive  and  omit  important  issues  such  as  human  rights 
concerns,  cyber  intrusions,  and  Chinese  resource  consumption,  they 
highlight  the  US  problem.  The  ultimate  challenge  then  is  creating  US 
policy  that  avoids  conflict  and  promotes  a  prosperous  relationship  with 
a  rising  China  while  also  ensuring  China  does  not  unfairly  violate  inter¬ 
national  norms  nor  threaten  US  interests  or  those  of  US  allies. 

For  Washington  to  hold  the  line  on  its  interests,  while  engaging  China 
in  a  productive  way,  US  leaders  must  find  a  way  to  maintain  their  posi¬ 
tion  without  becoming  so  threatening  that  China  feels  pushed  toward 
war.  On  the  positive  side,  the  United  States  has  many  nonphysical  tools 
at  its  disposal  to  achieve  this  balancing  act.  With  the  United  States  likely 


Strategic  Studies  Quarterly  ♦  Spring  20 1 4 


[107] 


Heather  Fox 


to  remain  more  powerful  despite  current  economic  faltering,  these  tools 
could  include  fiscal  pressure  and  sanctions,  including  limiting  China’s 
access  to  US  markets.  At  the  extreme  end  of  the  spectrum,  should  US- 
China  relations  turn  considerably  negative,  are  measures  which  take  advan¬ 
tage  of  the  US-controlled  currency  that  dominates  China’s  reserve  base. 
The  most  drastic  of  these  could  include  defaulting  on  the  vast  US 
Treasuries  China  maintains  to  dilute  its  economic  power,  accepting  that 
the  follow-on  effects  to  the  US  economy  and  credit  rating  are  preferable 
to  all-out  war. 

Taking  advantage  of  a  future  Chinese  economic  slowdown  or  fiscal 
levers,  however,  requires  Washington  to  adopt  a  long-term  approach. 
Unfortunately,  this  is  something  US  leaders  are  often  not  well  placed 
to  do  within  election-cycle  politics  and  the  resulting  need  for  imme¬ 
diacy.  Notwithstanding,  US  policymakers  must  consider  digging  in  and 
waiting  out  China’s  economic  boom.  Although  this  may  often  be  dif¬ 
ficult  politically,  the  importance  of  maintaining  a  working  US-Chinese 
relationship  cannot  be  overlooked,  with  significant  implications  or  even 
physical  conflict  if  it  is  pressed  too  hard  or  mishandled.  Consequently, 
US  policymakers  must  factor  the  potential  for  China  to  have  less  relative 
power  in  the  coming  years  than  it  currently  enjoys  and  make  appropri¬ 
ate  long-term  choices  on  how  hard  to  press  for  resolutions  as  a  result. 

Along  with  long-term  fortitude,  fiscal  pressure  may  useful  to  safeguard 
US  interests.  This  concept  should  not  just  apply  in  the  economic  arena, 
but — similar  to  the  British  economic  attack  on  Germany  in  World  War 
One  and  US  economic  pressure  on  the  UK  through  the  IMF  over  the 
Suez  crisis — fiscal  action  should  be  the  first  response  to  most  Chinese 
actions  requiring  a  US  response.  The  use  of  economics  to  push  Chinese 
compliance  should  apply  to  a  host  of  issues,  both  inside  and  outside  of 
the  fiscal  arena,  such  as  WTO  violations,  cyber  intrusions,  or  territorial 
violations  in  the  South  China  Sea. 

US-Chinese  policy  will  require  constant  analysis  and  tending.  A  funda¬ 
mental  understanding  of  China’s  fiscal  future  with  consideration  of  a 
long-term  approach  and  economic  pressure,  or  even  attack,  as  the  first 
response  will  be  paramount  to  success.  The  United  States  will  always 
require  a  strong  military  to  back  fiscal  pressure.  Indeed  the  diplomatic 
and  military  tools  of  US  national  power  in  addition  to  fiscal  pressure 
will  add  depth  and  credibility  to  any  economic  policy  meant  to  protect 
US  interests.  The  balance  required  to  steer  the  two  nations  away  from 
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conflict  and  toward  a  productive  relationship  while  protecting  US  interests, 
however,  may  be  far  more  achievable  if  first  viewed  and  conducted  from 
an  economic  perspective. 
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A  Proposed  Analytic  Framework 

Eric  F.  Mejia,  Colonel,  USAF 

TSgt  Joe  Pesek  rolled  out  of  bed  shortly  after  0600  to  get  breakfast 
at  the  NCO  club.  He  was  assigned  to  the  5th  Bomber  Group  and  had 
arranged  to  meet  his  friends  for  golf  after  breakfast.  The  course  in 
Honolulu  was  beautiful,  and  there  was  no  better  way  to  spend  a  lazy 
Sunday  morning.  Waiting  for  the  bus,  he  admired  the  beautiful  blue  sky 
flecked  with  distant  aircraft.  Seeing  this  many  aircraft  meant  a  carrier 
must  be  coming  into  port.  Joe  wasn’t  alarmed  until  the  first  plane  pulled 
up  low  over  Hickam  Airfield  with  machine  guns  chattering.  The  clearly 
visible  rising  sun  of  Imperial  Japan  on  the  wings  told  the  story — Japan 
had  attacked  Pearl  Harbor.1  The  following  day,  8  December  1941,  the 
United  States  and  Japan  declared  war  against  each  other. 

Seventy  years  later,  Air  Force  major  Shelly  Johnson  rolled  out  of  bed 
looking  forward  to  another  day  of  leave  in  Honolulu.  Taking  out  her 
smartphone,  she  tried  to  scan  a  check  into  her  account  so  she  would 
have  extra  spending  money.  Despite  several  attempts,  the  check  failed 
to  deposit.  Frustrated,  she  used  her  tablet  to  access  the  bank’s  website; 
however,  the  homepage  refused  to  load.  She  finished  breakfast  and  tried 
again  without  luck.  Irritated,  she  gave  up  and  got  into  her  car  to  enjoy 
her  day  of  leave.  A  few  days  later  she  read  the  headline:  “Major  Banks 
Hit  with  Biggest  Cyberattacks  in  History.”2  The  article  explained  how 
several  of  the  largest  banks,  including  her  own,  had  been  the  victim  of 
a  cyber  attack.  The  Islamist  group  Izz  ad-Din  al-Qassam  Cyber  Fighters 
claimed  responsibility  for  the  attacks;  however,  researchers  were  divided 
about  whether  they  were  responsible.  Senator  Joe  Lieberman  claimed 
the  attacks  were  actually  conducted  by  Iran  in  response  to  US  economic 
sanctions.  The  article  provided  more  questions  than  answers.  Major 
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Johnson  wondered  who  actually  conducted  the  attack.  Could  it  even  be 
considered  an  attack,  and  if  so,  what  was  attacked:  the  customers,  the 
individual  banks,  the  US  economy?  Who  would  respond,  and  how? 

These  two  scenarios  highlight  the  critical  importance  of  attribution. 
In  the  case  of  Pearl  Harbor,  there  was  a  hostile  armed  attack  directly 
attributable  to  a  known  state  actor.  These  facts  established  the  proper 
response — war — and  the  proper  responder:  the  military.  In  the  second 
scenario,  the  act  and  actor  were  uncertain;  consequently,  the  proper  re¬ 
sponse  and  responder  were  equally  uncertain.  Actor  attribution  is  con¬ 
cerned  with  determining  who  is  responsible  for  a  hostile  cyber  act.  Act 
attribution  is  concerned  with  the  relative  severity  of  the  act.  Both  are 
necessary  to  determine  the  appropriate  response  to  an  act  of  cyber  hos¬ 
tility,  and  both  help  frame  which  organization  should  be  the  primary 
responder.  An  analytic  framework  incorporating  both  act  and  actor  attri¬ 
bution  helps  delineate  responsibility  for  hostile  cyber  acts  and  determine 
the  appropriate  response.  This  article  examines  the  definition  and  im¬ 
portance  of  cyber  attribution  and  proposes  such  an  analytic  framework 
for  considering  act  and  actor  attribution.  It  concludes  with  recommen¬ 
dations  to  address  the  problems  associated  with  such  attribution. 

Defining  Attribution 

The  Basic  Legal  Framework 

It  is  clear,  at  least  from  the  US  perspective,  that  cyberspace  is  not  a 
“law-free”  zone  and  that  established  principles  of  international  law  apply.3 
The  legal  framework  for  use  of  force  by  states  is  contained  in  the  Charter 
of  the  United  Nations,  which  generally  prohibits  states  from  using  force 
against  another  state.  As  specified  in  Article  2(4),  “All  Members  shall 
refrain  in  their  international  relations  from  the  threat  or  use  of  force 
against  the  territorial  integrity  or  political  independence  of  any  state, 
or  in  any  other  manner  inconsistent  with  the  Purposes  of  the  United 
Nations.”4  The  charter  recognizes  two  exceptions.  First,  Article  42  per¬ 
mits  use  of  force  if  authorized  by  the  UN  Security  Council.  Second,  and 
more  important  for  our  analysis,  Article  5 1  permits  use  of  force  in  self- 
defense  against  an  armed  attack,  stating  that  “nothing  in  the  present  Charter 
shall  impair  the  inherent  right  of  individual  or  collective  self-defence  if  an 
armed  attack  occurs  against  a  Member  of  the  United  Nations.”?  These 
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articles  did  not  originally  apply  to  the  conduct  of  nonstate  actors.  How¬ 
ever,  international  law  has  developed  so  that  states  may  use  force  in  self- 
defense  against  another  state  for  acts  of  nonstate  actors  attributed  to  it.6 
A  state  may  also  use  defensive  force  directly  against  nonstate  actors  if  the 
host  state  is  unable  or  unwilling  to  prevent  armed  attacks  from  emanating 
within  its  territory.7 

Finally,  the  use  of  force  is  bounded  by  the  law  of  armed  conflict 
(LOAC),  including  the  concepts  of  distinction,  necessity,  and  pro¬ 
portionality.  Applying  the  LOAC  to  hostile  cyber  acts  may  cause  un¬ 
necessary  concern  among  lawyers  and  unnecessary  hesitancy  among 
commanders.  This  is  because  responding  to  a  hostile  cyber  act  will 
likely  involve  targeting  dual-use  objects  and  because  of  the  perceived 
increased  risk  of  “knock-on,”  or  unexpected  collateral  damage. 

Dual-use  objects  may  serve  both  a  military  and  civilian  function.  The 
typical  example  is  a  bridge,  which  is  equally  useful  for  conveying  both 
military  and  civilian  vehicles.  Similarly,  most  hostile  cyber  acts  will  transit 
civilian  cyber  infrastructure,  including  computing  systems,  data  storage 
systems,  and  telecommunication  lines.  Further,  malicious  cyber  code 
may  be  prepositioned  on  civilian  cyber  infrastructure.  Despite  the  fact 
that  these  are  clearly  dual-use  objects,  the  LOAC  often  permits  them 
to  be  targeted.  Addressing  the  issue  involves  applying  Article  52(2)  of 
the  Protocol  additional  to  the  Geneva  Conventions  (GPI)  to  the  facts.8 
Although  the  United  States  has  not  ratified  the  GPI,  it  recognizes  Article 
52(2)  as  binding  customary  international  law.  Article  52(2)  sets  out  a 
two-part  test  for  analyzing  whether  an  object  is  an  appropriate  military 
target.  The  first  issue  is  one  of  distinction — is  the  object  a  legitimate 
military  objective?  Article  52(2)  limits  attacks  to  objects  who’s  “nature, 
location,  purpose  or  use  make  an  effective  contribution  to  military  action.” 
In  the  case  of  hostile  cyber  acts,  cyber  infrastructure  may  be  a  legitimate 
military  objective  if  it  is  used  to  conduct  a  hostile  cyber  act  or  if  mali¬ 
cious  code  is  prepositioned  on  it  in  anticipation  of  a  future  hostile  use. 
In  either  case,  the  use  of  the  object  may  make  it  a  legitimate  military 
objective  and  therefore  appropriately  targetable.  The  second  issue  is  one 
of  necessity.  Does  the  total  or  partial  destruction  or  neutralization  of  the 
object,  in  the  circumstances  ruling  at  the  time,  offer  a  definite  military 
advantage?  In  the  case  of  an  ongoing  hostile  cyber  act  or  prepositioned 
malicious  code,  this  is  a  fairly  low  hurdle  to  overcome,  especially  after 
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making  the  initial  determination  that  the  object  is  a  legitimate  mili¬ 
tary  objective. 

The  potential  for  unexpected  collateral  damage  is  another  issue  that 
appears  difficult  at  first  blush.  Although  the  facts  may  be  more  compli¬ 
cated,  traditional  application  of  LOAC  is  all  that  is  required.  Here,  the 
issue  is  one  of  proportionality — an  attack  is  generally  prohibited  if  the 
damage  to  noncombatants  is  excessive  in  relation  to  the  military  advan¬ 
tage  gained  from  the  attack.  The  problem  with  attacking  dual-use  cyber 
infrastructure  is  that  it  is  difficult,  if  not  impossible,  to  fully  anticipate 
the  extent  of  the  likely  collateral  damage.  Luckily,  that  is  not  required.  In 
attempting  to  predict  collateral  damage,  the  commander  is  “only  required 
to  do  what  is  feasible,  given  the  prevailing  circumstances,  including  the 
time  he  has  to  make  a  decision  and  the  amount  of  information  he  has 
at  that  time.”9  If  anything,  the  difficulty  of  precisely  determining  what 
collateral  damage  may  be  expected  benefits  commanders  by  affording 
them  significant  latitude  in  the  decision-making  process. 

The  basic  legal  framework  may  be  summarized  as  follows: 

•  States  may  generally  not  use  force  against  other  states. 

•  States  may  use  force  against  other  states  if 

a.  force  is  authorized  by  the  UN  Security  Council,  or 

b.  force  is  used  in  self-defense  against  an  armed  attack  by  (1)  another 
state  or  (2)  a  nonstate  actor  if  the  act  can  be  imputed  to  a  state. 

•  Force  may  be  used  in  self-defense  directly  against  nonstate  actors  if 
the  host  state  is  unable  to  prevent  armed  attacks  by  nonstate  actors. 

•  Use  of  force  is  limited  by  LOAC  principles. 

Ultimately,  determining  an  appropriate  response  to  a  hostile  cyber  act 
requires  analyzing  who  the  actor  is  (state,  nonstate,  unknown)  and  what 
the  act  is  (armed  attack  or  not  an  armed  attack).  In  other  words,  actor 
and  act  attribution. 

Actor  Attribution 

Actor  attribution  is  simply  determining  who  should  be  held  respon¬ 
sible  for  a  hostile  cyber  act.  As  noted  in  the  2011  Department  of  Defense 
Strategy  for  Operating  in  Cyberspace ,  low  barriers  to  entry  for  hostile 
cyber  acts,  coupled  with  widespread  availably  of  hacking  tools,  means 
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that  small  groups,  and  even  individuals,  can  impact  national  security.10 
However,  a  significant  issue  from  a  response  perspective  is  not  the  iden¬ 
tity  of  the  actors  but  whether  the  hostile  cyber  acts  are  attributable  to  a 
specific  state.  This  distinction  helps  determine  the  appropriate  response, 
responder,  and  rules  for  engagement. 

Hostile  cyber  acts  can  be  attributed  to  a  state  either  directly  or  in¬ 
directly.11  The  two  methods  of  state  attribution  are  briefly  described  as 
follows: 

Direct  Attribution.  States  are  responsible  for  the  acts  or  omissions 
of  individuals  exercising  the  state’s  machinery  of  power  and  authority 
since  these  actions  are  attributed  to  the  state  even  if  the  acts  exceed 
the  authority  granted  by  the  state. 

Indirect  Attribution.  Acts  or  omissions  of  nonstate  actors  are  generally 
not  attributable  to  the  state;  however,  the  state  may  incur  responsi¬ 
bility  if  it  fails  to  exercise  due  diligence  in  preventing  or  reacting  to 
such  acts  or  omissions.12 

Although  not  universally  accepted  in  international  law,  it  is  generally 
accepted  in  practice  that  a  state’s  right  to  use  force  in  self-defense  is 
also  triggered  by  armed  attacks  which  cannot  be  attributed  to  a  state. 
For  example,  an  armed  attack  may  emanate  from  a  state  without  that 
state’s  knowledge  or  ability  to  prevent  it.  In  such  circumstances,  the 
armed  attack  is  attributed  directly  to  the  attackers,  and  the  victim  state 
may  defend  with  force  directly  against  the  nonstate  actors  despite  their 
being  located  in  a  neutral  or  even  allied  state.  As  recently  noted  in  the 
Journal  of  Conflict  and  Security  Law,  it  is  the  nature  of  the  hostile  act 
that  triggers  the  right  to  self-defense,  not  the  nature  of  the  actor.13  This 
simply  comports  with  common  sense.  A  state  should  not  be  required 
to  endure  an  armed  attack  by  nonstate  actors  when  it  has  the  means  to 
defend  itself  consistent  with  fundamental  LOAC  principles.  US  attacks 
against  terrorists  operating  within  Pakistan  are  one  concrete  application 
of  this  concept.  Once  a  state  has  been  subjected  to  an  armed  attack,  it 
may  forcibly  defend  itself.  The  decision  of  whether  to  do  so  is  a  matter  of 
policy,  and  ultimately  the  response  must  satisfy  basic  LOAC  principles 
including  necessity,  proportionality,  and  distinction. 
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Act  Attribution 

Act  attribution  is  the  process  of  defining  the  severity  of  the  hostile  cyber 
act.14  Hostile  cyber  acts  may  range  from  something  as  benign  as  at¬ 
tempting  to  ping  a  network  computer  to  an  attack  on  the  US  power  grid 
leaving  millions  without  power  for  months.15  Similarly,  there  is  a  broad 
range  of  potential  defensive  actions  that  may  be  taken  by  the  victim 
state.  A  simple  continuum  of  potential  responses  is  presented  in  figure  1 . 
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Figure  1.  Continuum  of  potential  cyber-attack  responses 


Supplementing  these  potential  actions  is  a  state’s  full  range  of  diplomatic 
and  political  responses  to  cyber  hostility.  However,  any  response  by  a 
victim  state  must  be  determined  in  part  by  the  severity  of  the  hostile  act. 

A  state  may  passively  defend  against  all  hostile  actions;  however,  it 
may  only  forcibly  retaliate  in  self-defense  against  armed  attacks.  By 
extension,  imminent  armed  attacks  allow  states  to  respond  in  anticipa¬ 
tory  self-defense.16  International  law  currently  is  silent  on  whether  a 
cyber  attack  can  be  considered  an  armed  attack.  However,  the  United 
States  has  taken  an  affirmative  position  on  the  issue.  The  May  2011 
International  Strategy  for  Cyberspace  states,  “Right  of  Self-Defense:  Con¬ 
sistent  with  the  United  Nations  Charter,  states  have  an  inherent  right 
to  self-defense  that  may  be  triggered  by  certain  aggressive  acts  in  cyber¬ 
space.”17  This  echoes  the  language  of  Article  51  of  the  UN  charter  which 
says  that  states  have  the  inherent  right  to  engage  in  individual  or  collec¬ 
tive  self-defense  in  response  to  an  armed  attack.18  So,  clearly  the  United 
States  has  adopted  the  position  that  a  hostile  cyber  act  may  be  treated 
as  an  armed  attack.  But  given  the  range  of  hostile  cyber  actions,  how  do 
we  determine  whether  such  an  act  rises  to  the  level  of  an  armed  attack? 
If  the  effects  of  a  cyber  attack  are  the  equivalent  of  a  traditional  armed 
attack,  then  states  should  be  permitted  to  respond  accordingly.  The  leading 
proponent  of  this  effects-based  approach  is  Michael  N.  Schmitt.  His 
effects-based  analysis  evaluates  hostile  cyber  acts  based  on  six  criteria: 
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1.  Severity:  Armed  attacks  threaten  physical  injury  or  destruction  of 
property  to  a  greater  degree  than  other  forms  of  coercion. 

2.  Immediacy:  Armed  attacks  usually  occur  with  greater  immediacy. 

3.  Directness:  Armed  attacks  have  a  more  direct  link  to  the  negative 
consequences  caused. 

4.  Invasiveness:  Armed  attacks  usually  cross  into  the  target  state  to 
cause  harm. 

5.  Measurability:  The  consequences  of  an  armed  attack  are  easier  to 
measure. 

6.  Presumptive  Legitimacy:  Because  of  the  general  prohibition  on  the 
use  of  armed  force  between  states  in  international  law,  an  armed 
attack  is  presumed  illegitimate.19 

This  framework  can  readily  be  applied  to  cyber  attacks  to  determine 
whether  a  given  hostile  act  may  be  considered  an  armed  attack.20  If  so, 
a  forcible  response  may  be  appropriate.  If  not,  some  lesser  form  of  re¬ 
sponse  may  be  required. 

The  Importance  of  Attribution 

An  assessment  of  both  act  and  actor  attribution  is  central  in  deter¬ 
mining  the  appropriate  response  to  a  hostile  cyber  act.  A  government 
may  respond  in  a  variety  of  ways  including  monitoring,  improving  pas¬ 
sive  defenses,  applying  political  pressure,  employing  active  defenses,  and 
counterstriking  with  both  cyber  and  conventional  weapons.  Passive 
defense  is  defined  as  “measures  taken  to  reduce  the  probability  of  and  to 
minimize  the  effects  of  damage  caused  by  hostile  action  without  the  in¬ 
tention  of  taking  the  initiative.”21  Passive  defense  in  the  cyber  realm  in¬ 
cludes  making  systems  more  difficult  to  attack  through  antiviruses  and 
firewalls,  educating  users  to  be  more  security  conscious,  and  reducing 
postattack  recovery  times  through  redundancy  and  backup  systems.22 
By  contrast,  active  defense  is  “the  employment  of  limited  offensive  action 
and  counterattacks  to  deny  a  contested  area  or  position  to  the  enemy.”23 
In  the  cyber  realm  this  translates  to  initiating  a  cyber  counterattack  as 
a  defensive  response  to  a  hostile  cyber  attack.24  Defensive  cyber  attacks 
can  be  broken  down  into  two  types.  If  the  goal  is  to  mitigate  harm  to  a 
targeted  system  using  only  the  amount  of  force  necessary  to  protect  the 
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system  from  further  damage,  it  is  considered  a  mitigative  counterstrike. 
The  purpose  of  a  mitigative  counterstrike  must  be  to  mitigate  damage 
from  an  immediate  threat.  If  the  goal  of  the  counterstrike  is  to  punish 
the  attacker,  it  is  considered  a  retributive  counterstrike.25  Under  inter¬ 
national  law,  only  the  mitigative  counterstrike  is  truly  defensive,  because 
its  purpose  is  to  defend  against  an  immediate  threat. 

Actor  and  act  attribution  is  also  critical  in  determining  which  govern¬ 
ment  entity  should  take  the  lead  in  responding  to  a  hostile  cyber  act. 
Several  government  agencies  are  tasked  with  cyber  operations  and  respon¬ 
sibilities.  As  summarized  by  Gen  Keith  B.  Alexander,  commander  for 
US  Cyber  Command  (CYBERCOM),  these  agencies  include: 

•  Department  of  Defense/Intelligence  Community/NSA/CYBERCOM: 
Responsible  for  detection,  prevention,  and  defense  in  foreign  space, 
foreign  cyber  threat  intelligence  and  attribution,  security  of  national 
security  and  military  systems,  and,  in  extremis,  defense  of  the  home¬ 
land  if  the  nation  comes  under  cyber  attack  from  a  full  scope  actor. 

•  Department  of  Homeland  Security  (DHS):  Lead  for  coordinat¬ 
ing  the  overall  national  effort  to  enhance  the  cyber  security  of  US 
critical  infrastructure  and  ensuring  protection  of  the  civilian  federal 
government  (.gov)  networks  and  systems. 

•  Federal  Bureau  of  Investigation  (FBI):  Responsible  for  detection, 
investigation,  prevention,  and  response  within  the  domestic  arena 
under  their  authorities  for  law  enforcement,  domestic  intelligence, 
counterintelligence,  and  counterterrorism.  Importantly,  when 
malicious  cyber  activity  is  detected  in  domestic  space,  the  FBI  takes 
the  lead  to  prevent,  investigate,  and  mitigate  it.26 


The  Difficulty  of  Conclusive  Attribution 

Both  act  and  actor  attribution  are  difficult  to  prove  with  scientific 
certainty.  Computer  networks  are  not  designed  to  facilitate  attribution, 
and  hostile  actors  exploit  this  weakness  to  hide  their  true  identity.  For 
example,  the  Internet  typically  does  not  use  sender  identification  dur¬ 
ing  the  transmission  process,  so  source  information  can  easily  be  forged. 
Masking  the  sender  information  in  this  manner  is  commonly  referred 
to  as  “spoofing.”  Hostile  cyber  actors  can  also  hide  their  identity  and 


Strategic  Studies  Quarterly  ♦  Spring  20 1 4 


[121] 


Eric  F.  Mejia 


location  by  employing  a  system  that  transforms  data  in  some  manner, 
known  as  a  “laundering  host.”  Cyber  actors  may  employ  an  attack  that 
is  complete  in  milliseconds,  or  alternatively,  is  spread  out  over  months. 
All  of  these  factors  make  cyber  actor  attribution  difficult.2  The  degree 
of  difficulty  is  subject  to  some  debate.  Former  secretary  of  defense  Leon 
Panetta  stated  in  late  2012  that  the  Department  of  Defense  had  made 
“significant  investments  in  forensics  to  address  this  problem  of  attribution” 
and  that  “potential  aggressors  should  be  aware  that  the  United  States 
has  the  capacity  to  locate  them  and  to  hold  them  accountable  for  their 
actions  that  may  try  to  harm  America.”28  However,  such  a  public  decla¬ 
ration  raises  several  issues.  First,  is  the  statement  an  accurate  assessment 
of  capabilities  or  is  it  more  akin  to  posturing  in  an  attempt  to  deter 
potential  adversaries?  Second,  if  the  statement  is  technologically  accu¬ 
rate,  acknowledging  this  capability  and  subsequently  using  it  to  attri¬ 
bute  a  hostile  act  to  a  specific  actor  runs  the  risk  of  compromising  the 
methods  and  techniques  used  in  the  process.  Finally — given  the  highly 
adaptive  nature  of  cyber  warfare — cyber  defenses,  including  forensics, 
will  inevitably  be  thwarted  by  constantly  evolving  cyber  threats.  Even 
if  the  technical  issue  of  attribution  is  overcome,  what  degree  of  confi¬ 
dence  must  be  achieved  to  support  a  finding  that  a  state  is  responsible 
under  international  law?  Certain?  Very  certain?  These  are  subjective 
political  determinations  that  simply  do  not  lend  themselves  to  precise 
quantitative  analysis. 

This  same  issue  exists  when  trying  to  assess  act  attribution.  Using  the 
Schmitt  model  to  determine  if  a  hostile  cyber  act  is  tantamount  to  an 
armed  attack  requires  applying  a  subjective  analysis.  How  severe  is 
severe ?  What  is  the  definition  of  immediate ?  What  constitutes  a  direct 
link  between  a  hostile  cyber  act  and  the  consequences  of  the  act?  All  of 
these  questions  require  a  subjective,  nonscientific  assessment. 

Fortunately,  the  legal  community  has  been  dealing  with  the  problem 
of  subjective  actor  and  act  attribution  and  has  extensively  developed 
the  concepts  and  lexicon  related  to  subjective  attribution.  This  is  most 
evident  in  the  law  related  to  civil  and  criminal  trials.  Tegal  experts  refer 
to  these  subjective  criteria  as  “standards  of  proof.”  A  few  of  the  more 
common  ones,  in  order  of  the  degree  of  certainty,  are: 

•  Scintilla  of  evidence — the  least  amount  of  evidence  possible. 
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•  Preponderance  of  the  evidence — In  a  civil  trial  the  issue  to  be  de¬ 
cided  is  often  whether  or  not  one  party  is  negligent,  and  therefore 
financially  responsible  for  the  losses  incurred  by  the  other  party. 
The  subjective  standard  used  by  courts  to  assess  this  question  of  liability 
is  called  the  preponderance  of  the  evidence  standard.  This  is  simply 
defined  as  more  probable  than  not. 

•  Clear  and  convincing  evidence — creating  a  firm  belief  or  conviction. 
It  is  an  intermediate  level  of  proof,  being  more  than  a  preponderance 
of  the  evidence  but  less  than  what  is  required  for  proof  beyond  a 
reasonable  doubt. 

•  Beyond  a  reasonable  doubt — This  is  the  standard  used  to  establish 
criminal  guilt,  which  is  the  equivalent  of  actor  attribution,  as  well  as  to 
determine  the  specific  criminal  offense  committed,  which  is  the  equiv¬ 
alent  of  act  attribution.  It  means  entirely  convinced  and  satisfied  to  a 
moral  certainty.  However,  it  is  less  than  a  scientific  certainty.29 

Employing  legal  subjective  criteria  is  not  a  new  or  novel  idea.  In  a  2009 
Microsoft  white  paper,  the  author  suggested  a  similar  subjective  assess¬ 
ment  for  cyber  attribution,  noting  that 

it  [is]  important  to  focus  on  probability  of  accurate  attribution,  as  opposed  to 
certainty  of  attribution.  In  many  areas,  of  course,  absolute  certainty  is  seldom 
achievable.  For  this  reason,  a  range  of  different  standards  have  developed  (for 
example,  proof  beyond  a  reasonable  doubt,  a  preponderance  of  the  evidence) 
and  individuals  and  organizations  often  have  to  rely  upon  probabilities  when 
making  critical  decisions  (such  as  when  opting  for  one  medical  treatment  over 
another).  Of  course,  the  greater  the  certainty,  the  easier  it  may  be  to  choose  a 
course  of  action,  but  that  does  not  mean  certainty  is  required  before  reasonable 
action  can  be  taken.30 

While  it  would  be  naive  to  assume  that  one  could  import  the  whole  of 
court-based  attribution  concepts  to  assess  cyber  attribution,  several  key 
points  are  evident.  First,  scientific  proof  is  not  necessary  for  attribution. 
While  scientific  certainty  is  the  “gold  standard”  of  proof,  it  is  rarely 
obtainable,  and  historically  has  not  been  necessary  to  establish  attribution. 
Second,  as  previously  noted,  attribution  is  routinely  based  on  subjective 
determinations.  Third,  when  using  a  subjective  assessment  of  attribu¬ 
tion,  severity  of  the  consequences  is  linked  to  the  degree  of  confidence. 
A  court  may  assess  financial  responsibility  based  on  a  preponderance  of 
the  evidence,  but  it  takes  a  much  higher  degree  of  confidence  to  establish 
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criminal  guilt.  Finally,  although  many  technical  experts  may  be  hesi¬ 
tant  or  uncomfortable  using  a  subjective  assessment,  the  government, 
through  its  legal  community,  has  at  its  disposal  established  expertise  in 
subjective  attribution. 


An  Analytic  Model  for  Actor  and  Act  Attribution 

Based  on  the  foregoing,  the  factors  included  in  any  proposed  analytic 
model  should  be  based  on  a  subjective  assessment  of  act  and  actor  at¬ 
tribution.  An  assessment  of  these  factors  should  indicate  who  should 
respond  to  an  act  of  cyber  hostility  and  what  the  upper  range  of  appropri¬ 
ate  responses  should  be.  Ideally,  the  responses  would  incorporate  basic 
LOAC  principles.  Combining  these  basic  concepts  yields  the  analytic 
model  proposed  in  figure  2. 
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Figure  2.  Analytic  model  for  actor  and  act  attribution 

Several  issues  are  worth  noting.  First,  act  and  actor  attribution  are  dy¬ 
namic.  Just  as  in  conventional  warfare,  the  preparation  for  a  hostile  cyber 
act  may  occur  in  one  location,  yet  the  act  itself  may  originate  in  a  dif¬ 
ferent  location  or,  even  more  likely,  be  distributed  throughout  a  va¬ 
riety  of  locations.  Further,  although  an  act  may  appear  harmless  at  first, 
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subsequent  information  or  events  may  show  it  to  be  significantly  more 
harmful  than  initially  believed.  Therefore,  the  appropriate  response  and 
responder  are  likely  to  be  dynamic  as  well,  involving  several  organizations 
and  a  potentially  escalating  series  of  responses.  Second,  the  responsive 
actions  in  each  quadrant  represent  the  upper  limits  of  an  appropriate 
response.  For  example,  the  Department  of  State  (DoS)  may  elect  not  to 
apply  diplomatic  pressure  to  a  state  actor  for  a  variety  of  reasons,  even  if 
justified  by  hostile  cyber  acts.  Further,  the  various  instruments  of  power 
described  are  not  equally  effective  on  all  hostile  actors.  For  example,  it 
is  unlikely  that  a  rouge  individual  would  be  greatly  deterred  by  political/ 
diplomatic  pressure.  Although  a  military  strike  against  an  individual 
would  likely  be  effective,  it  is  politically  untenable.  As  always,  effective 
application  of  the  instruments  of  power  is  an  art,  and  a  mechanistic  ap¬ 
proach  will  likely  fail.  Finally,  the  quadrants  do  not  reflect  sole  respon¬ 
sibility  for  responding  to  hostile  cyber  acts.  However,  the  framework 
does  help  assign  primary  or  lead  responsibility,  with  other  agencies  in  a 
supporting  role. 

Quadrant  1:  Low  Actor  Attribution  Confidence/Low  Degree 
of  Harm 

In  this  common  scenario,  government  agencies  are  faced  with  numerous 
relatively  innocuous  yet  unauthorized  cyber  acts.  For  example,  in  3  June 
2010,  General  Alexander  stated  that  DoD  systems  are  probed  by  unauthor¬ 
ized  cyber  actors  approximately  250,000  times  per  hour,  or  the  equivalent 
of  more  than  6  million  times  each  day.31  Most  cause  no  damage  and  do  not 
result  in  a  compromise  of  data.  According  to  the  US  Computer  Emergency 
Readiness  Team  (US-CERT),  in  2009,  approximately  73.4  percent  of  all 
reported  cyber  incidents  were  categorized  as  “Category  5:  Scans,  Probes, 
or  Attempted  Access.”  This  includes  “any  activity  that  seeks  to  access  or 
identify  a  federal  agency  computer,  open  ports,  protocols,  service,  or 
any  combination  for  later  exploit.  This  activity  does  not  directly  result 
in  a  compromise  or  denial  of  service.”32  For  these  types  of  acts,  passive 
defense  is  an  appropriate  response.  The  vast  majority  of  Quadrant  1 
actions  are  easily  defeated  by  encryption,  firewalls,  antivirus  and  anti¬ 
malware  programs,  or  other  purely  passive  measures. 


Strategic  Studies  Quarterly  ♦  Spring  20 1 4 


[125] 


Eric  F.  Mejia 


Quadrant  2:  High  Actor  Attribution  Confidence/Low  Degree 
of  Harm 

In  this  scenario,  the  government  is  again  faced  with  acts  that  cause 
little  harm.  However,  the  acts  are  still  unauthorized  and  may  be  the 
harbinger  of  more  serious,  and  more  harmful,  future  acts.  Unlike  the 
scenario  in  Quadrant  1,  these  acts  can  confidently  be  attributed  to  an 
identified  actor.  Under  these  circumstances,  passive  defensive  measures 
alone  may  be  insufficient.  However,  because  the  acts  are  insufficiently 
harmful  to  be  considered  equivalent  to  an  armed  attack,  offensive  strikes 
and  defensive  counterstrikes  are  not  necessary  or  proportional  to  the 
harm  being  caused.  In  addition  to  passive  defense,  employing  appropriate 
diplomatic  pressure  may  be  appropriate  for  state  actors.  This  approach  is 
consistent  with  the  May  2011  International  Strategy  for  Cyberspace.  This 
document  states  that  the  United  States  will  combine  diplomacy,  defense, 
and  development  to  achieve  the  national  goal  of  cyber  security.  Diplo¬ 
matic  efforts  will  be  focused  on  engaging  “the  international  community 
in  frank  and  urgent  dialogue,  to  build  consensus  around  principles  of  re¬ 
sponsible  behavior  in  cyberspace  and  the  actions  necessary,  both  domes¬ 
tically  and  as  an  international  community,  to  build  a  system  of  cyber¬ 
space  stability.”33  Diplomatic  efforts  to  stem  the  tide  of  less  serious  cyber 
acts  are  not  new.  For  several  years  the  United  States  has  been  engaged  in 
such  efforts  to  dissuade  China  from  continuing  cyber  espionage  against 
both  the  US  government  and  US  corporations.  Former  defense  secre¬ 
tary  Leon  Panetta  spent  three  days  in  China  addressing  the  issue  of  its 
cyber  activity.  This  is  an  appropriate  response  to  state-attributed  cyber 
acts  which  fall  short  of  an  armed  attack.  As  noted  by  James  Lewis,  cyber 
security  expert  with  the  Center  for  Strategic  and  International  Studies, 
“The  damage  from  Chinese  cyber  espionage  is  easy  to  overstate  but  that 
doesn’t  mean  we  should  accept  it.”34  To  facilitate  diplomatic  efforts  at 
cyber  security,  the  DoS  recently  created  a  new  office.  The  Office  of  the 
Coordinator  for  Cyber  Issues  is  tasked  with  coordinating  DoS  global 
diplomatic  engagement  on  cyber  issues,  serving  as  the  DoS  liaison  to 
the  White  House  and  federal  departments  and  agencies  on  cyber  issues, 
and  advising  the  secretary  and  deputy  secretaries  on  cyber  issues  and 
engagements.35  If  the  hostile  actor  is  a  non-state-affiliated  individual  or 
group,  the  Federal  Bureau  of  Investigation,  Department  of  Justice,  or 
analogous  international  organizations  will  be  primarily  responsible  for 
any  investigation  and  prosecution,  if  appropriate. 
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Quadrant  3:  Low  Actor  Attribution  Confidence/High  Degree 
of  Harm 

In  this  scenario,  the  government  is  faced  with  a  hostile  cyber  act  ca¬ 
pable  of  causing  significant  harm.  The  harm  threatened,  or  caused,  may 
be  sufficient  to  be  considered  the  equivalent  of  an  armed  attack.  Within 
the  cyber  realm,  this  may  involve  harming  the  nation’s  key  resources  or 
critical  infrastructure.  However,  there  is  insufficient  evidence  to  confi¬ 
dently  attribute  the  act  to  a  specific  state  or  nonstate  actor.  One  poten¬ 
tial  example  of  this  would  be  unidentified  actors  using  a  state’s  IT  infra¬ 
structure  to  conduct  an  attack  without  the  consent,  or  even  knowledge, 
of  that  state.  Retributive  strikes  require  attribution,  which  is  lacking  in 
this  scenario.  However,  the  LOAC  still  permits  action  in  self-defense. 
When  a  state  is  unable  to  prevent  attacks  emanating  from  inside  its  borders 
or  the  attackers  operate  independently  of  the  state,  the  victim  state  may 
still  use  force  in  self-defense,  provided  it  meets  the  requirements  of 
necessity,  proportionality,  and  distinction.36  Under  these  circumstances, 
active  defenses,  including  mitigative  counterstrikes,  may  be  appropri¬ 
ate.  The  goal  of  mitigative  counterstriking  is  to  “mitigate  damage  from 
a  current  and  immediate  threat.”17  These  active  but  purely  defensive 
measures  can  trace  an  attack  back  to  its  source  and  immediately  inter¬ 
rupt  the  attack.  Further,  mitigative  counterstrikes  are  relatively  precise. 
This  precision  limits  the  risk  of  excessive  collateral  damage.  Limiting 
collateral  damage  helps  satisfy  the  requirement  of  proportionality  and 
helps  reduce  the  risk  of  escalating  cyber  attacks  into  full-scale  kinetic 
attacks  between  states.38  Finally,  because  of  their  precision,  reduced  risk 
of  collateral  damage,  and  purely  defensive  nature,  automated  mitigative 
counterstrikes  are  less  likely  to  violate  international  LOAC  norms. 

Mitigation  of  cyber  attacks  is  squarely  within  the  purview  of  the  DHS. 
Homeland  Security  Presidential  Directive  7  establishes  the  national  policy 
for  identifying  and  protecting  critical  US  infrastructure  and  defines 
the  roles  of  the  various  federal  and  state  departments.  The  secretary  of 
homeland  security  is  responsible  for  “coordinating  the  overall  national 
effort  to  enhance  the  protection  of  the  critical  infrastructure  and  key  re¬ 
sources  of  the  United  States  [and  serves  as]  the  principal  Federal  official  to 
lead,  integrate,  and  coordinate  implementation  of  efforts  among  Federal 
departments  and  agencies,  State  and  local  governments,  and  the  private 
sector  to  protect  critical  infrastructure  and  key  resources.”39  To  fulfill 
this  responsibility,  DHS  created  the  National  Cyber  Security  Division, 
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which  is  responsible  for  analysis,  warning,  information  sharing,  vulner¬ 
ability  reduction,  mitigation,  and  aiding  national  recovery  efforts  for 
critical  infrastructure  information  systems.40  One  of  its  specified  mis¬ 
sions  is  safeguarding  and  securing  cyberspace,  and  one  of  its  key  stra¬ 
tegic  outcomes  in  performing  this  mission  is  that  “cyber  disruptions  or 
attacks  are  detected  in  real-time  [sic\,  consequences  are  mitigated,  and 
services  are  restored  rapidly.”41 

Quadrant  4:  High  Actor  Attribution  Confidence/High  Degree 
of  Harm 

In  this  scenario,  the  government  is  faced  with  a  hostile  cyber  act  tanta¬ 
mount  to  an  armed  attack.  Further,  there  is  a  high  degree  of  actor  at¬ 
tribution  confidence.  Conceptually,  this  is  the  equivalent  of  a  kinetic  at¬ 
tack  against  the  United  States,  therefore  a  DoD  response  is  appropriate. 
Further,  there  is  no  prohibition  against  responding  with  kinetic  force 
against  a  cyber  attack  provided  the  response  meets  traditional  LOAC 
requirements.  This,  too,  is  consistent  with  the  2011  International  Strategy 
for  Cyberspace ,  which  states:  “We  fully  recognize  that  cyberspace  activi¬ 
ties  can  have  effects  extending  beyond  networks;  such  events  may  re¬ 
quire  responses  in  self-defense.  .  .  .  When  warranted,  the  United  States 
will  respond  to  hostile  acts  in  cyberspace  as  we  would  to  any  other  threat 
to  our  country. 

There  is  little  disagreement  that  the  DoD  should  be  the  lead  agency 
in  this  scenario.  As  noted  by  the  US  CYBERCOM  commander,  in  ex¬ 
treme  situations,  it  is  the  role  of  the  DoD  to  defend  “the  homeland  if  the 
Nation  comes  under  cyber  attack  from  a  full  scope  actor.”4"  However, 
some  argue  that  the  DoD  should  take  a  more  expansive  role  in  cyber¬ 
security,  essentially  performing  the  DHS’s  assigned  role.  Much  of  this 
argument  is  based  on  the  perceived  effectiveness  of  the  DoD,  or  rather 
the  perceived  ineffectiveness  of  the  DHS.  However,  an  expanded  role  for 
the  DoD  in  cybersecurity  is  the  wrong  approach.  First,  it  unnecessarily 
expands  the  role  of  the  military.  The  military  would  undoubtedly  per¬ 
form  well  at  securing  transportation  hubs,  power  plants,  water  treatment 
facilities,  critical  manufacturing  sites,  and  other  critical  national  infra¬ 
structure.  However,  that  is  not  the  mission  of  the  military;  the  mission 
of  the  military  is  to  wage  war.  Further,  effective  cyber  defense  requires 
a  degree  of  domestic  intrusion  which  should  not  be  conducted  by  the 
DoD.  As  noted  by  retired  major  general  Charles  Dunlap,  “The  armed 
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forces  are  the  most  authoritarian,  least  democratic,  and  most  powerful 
institution  in  American  society.  The  restraint  intrinsic  to  a  domestic  law 
enforcement  mind-set  is  not  its  natural  state.  ...  If  nothing  else,  the  fact 
that  the  armed  forces  unapologetically  restrict  the  rights  and  privileges 
of  their  own  members  should  militate  toward  avoiding  their  use  in  civil¬ 
ian  settings  where  the  public  properly  expects  those  rights  and  privileges 
to  flourish.”44 


Conclusion  and  Recommendations 

The  cyber  community  must  recognize  the  critical  importance  of  at¬ 
tribution.  It  is  the  basis  for  effective  diplomacy,  law  enforcement,  and  a 
prerequisite  for  offensive  military  counterstrikes  under  the  law  of  armed 
conflict.  The  first  fundamental  question  that  must  be  answered  after  a 
hostile  act  is:  who  committed  the  act?  The  second  is:  how  much  dam¬ 
age  was  done?  An  accurate  assessment  of  actor  and  act  attribution  helps 
define  both  the  proper  response  to  an  act  of  cyber  aggression  and  helps 
determine  the  appropriate  lead  agency  to  respond  to  such  an  act. 

Because  actor  and  act  attribution  fundamentally  drive  cyber  defense, 
efforts  to  enhance  technical  attribution  should  be  given  priority.  Al¬ 
though  assessing  attribution  is  subjective,  often  the  evidence  used  in 
such  an  assessment  is  technical.  Attributing  a  hostile  cyber  act  is  a  pre¬ 
requisite  to  effective  deterrence.  No  hostile  actor,  whether  nation-state 
or  rogue  individual,  will  ever  be  deterred  from  hostile  cyber  activity  if 
they  can  effectively  deny  responsibility.  Further,  the  international  com¬ 
munity  is  unlikely  to  support  military  action  unless  a  hostile  act  equiva¬ 
lent  to  an  armed  attack  can  successfully  be  attributed  to  an  offending 
party.  Because  hostile  actors  will  continue  to  develop  new  methods  to 
mask  their  activity,  effective  deterrence  demands  that  the  United  States 
continue  to  enhance  its  technical  attribution  capability. 

Legal  expertise  is  critical  in  assessing  attribution  and  framing  an  ap¬ 
propriate  response.  Although  the  cyber  domain  is  relatively  new,  the 
art  of  actor  and  act  attribution  is  ancient.  Every  criminal  prosecution 
that  has  ever  occurred  fundamentally  required  a  subjective  determina¬ 
tion  of  guilt  (actor  attribution)  and  offense  (act  attribution).  Legal  prac¬ 
titioners,  although  often  ignorant  of  the  technical  aspects  of  the  cyber 
domain,  are  well  versed  in  the  art  of  attribution.  Cyber  experts  may  be 
technically  adept  but  are  often  ignorant  of  the  nuances  of  subjective 
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attribution.  Close  integration  of  both  legal  experts  and  technical  cyber 
experts  is  critical  to  establishing  an  appropriate  cyber  policy  and  appro¬ 
priate  responses  to  specific  hostile  cyber  acts. 

An  analytic  framework  is  an  essential  tool  for  cyber  practitioners.  In 
a  field  where  significant  ambiguity  may  exist,  both  as  to  the  nature  of 
the  act  and  the  identity  of  the  actor,  an  analytic  construct  promotes  di¬ 
agnostic  consistency.  Additionally,  it  helps  define  roles  and  missions  for 
various  responders  and  provides  a  common  framework  and  understand¬ 
ing  of  responsibility.  The  analytic  framework  also  enhances  deterrence 
by  providing  notice  to  hostile  cyber  actors  that  the  consequences  they 
should  expect  from  committing  a  hostile  cyber  act  are  determined,  in 
part,  by  the  severity  of  the  hostile  act  and  that  a  severe  hostile  act  will 
merit  a  military  response. 
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Airpower  Writings  of 
John  Andreas  Olsen 

Dr.  John  Olsen  is  a  Royal  Norwegian  Air  Force  colonel  who  has  served 
as  an  educator,  teaching  at  the  Norwegian  and  Swedish  National  Defence 
Colleges;  an  operator,  as  deputy  commander  of  the  NATO  advisory  team 
in  Sarajevo;  and  a  strategist — as  military  advisor  to  the  Norwegian  Em¬ 
bassy  in  Berlin  and  currently  the  Norwegian  Ministry  of  Defence.  He 
earned  a  PhD  from  De  Montfort  University  in  Leicester,  England,  and 
more  importantly,  is  a  student  of  airpower  who  thinks  deeply  and  writes 
eloquently  on  its  role  in  modern  war.  This  essay  looks  at  five  of  his  most 
important  books. 

The  first  Gulf  War,  Desert  Storm,  was  one  of  the  most  tactically  decisive 
victories  in  modern  history.  It  is  easy  to  forget  that  in  1990  Saddam  Hussein’s 
Iraq  was  considered  a  very  formidable  opponent.  It  had  the  world’s  fourth- 
largest  army,  battle  hardened  after  an  eight-year  war  with  Iran.  That  army, 
and  the  Iraqi  air  force  as  well,  were  provided  modern  equipment  by  the 
Soviets,  French,  and  others.  It  enjoyed  interior  lines  of  communication 
and  supply.  The  “trackless  desert”  was  seen  as  a  natural  defense  barrier, 
making  it  difficult  for  coalition  forces  to  locate  precise  targets  and  causing 
difficulties  for  Western  equipment  based  there.  The  Iraqis  had  weapons  of 
mass  destruction  (WMD) — which  they  had  already  used  against  Iran — 
and  a  reliable  delivery  system  (Scud  missiles).  These  weapons,  as  well  as 
many  other  facilities,  were  protected  by  concrete  bunkers  several  feet  thick 
or  buried  underground.  The  US-led  coalition  was  broad  and  sizable,  but 
many  saw  this  as  a  limitation — how  could  these  various  national  forces 
meld  their  disparate  equipment,  doctrine,  and  command  and  control  pro¬ 
cedures  to  form  a  coherent  and  effective  striking  force? 

Yet,  the  campaign  to  liberate  Kuwait  was  remarkably  rapid,  overwhelming, 
and  relatively  bloodless.  We  all  must  remember  this  war,  because  it  re¬ 
vealed  strengths  and  weaknesses  of  modern  military  power  that  overturned 
long-held  beliefs  and  pointed  to  a  new  future. 

Strategic  Air  Power  in  Desert  Storm  (London:  Frank  Cass,  2003),  was 
Olsen’s  first  book  and  examined  the  Gulf  War  in  depth.  Although  not 
addressing  all  aspects  of  the  air  war  against  Saddam  Hussein,  it  covers 
one  aspect  too  little  known  or  understood. 
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GEN  Norman  Schwarzkopf  was  the  US  commander  in  the  Middle 
East  when  Hussein’s  forces  invaded  Kuwait  in  August  1990.  Pres.  George 
H.  W.  Bush  announced  that  such  aggression  would  not  be  allowed  to 
stand,  and  Schwarzkopf  began  planning  for  Kuwait’s  liberation.  He  was, 
however,  unimpressed  by  his  staffs  efforts,  so  he  turned  in  an  unexpected 
direction  for  help.  Schwarzkopf  called  the  Air  Force  chief  of  staff  and 
asked  for  an  air  plan  that  would  serve  coalition  interests  better  than  a 
bloody,  frontal  ground  assault.  This  was  a  controversial  move  by  Schwarzkopf: 
procedure  dictated  that  a  combatant  commander  needing  assistance  call 
the  Joint  Staff. 

Instead,  the  chief  turned  to  his  plans  directorate,  where  an  obscure  colonel 
by  the  name  of  John  Warden  was  tasked  to  draw  up  a  strategic  air  plan. 
Warden  gathered  together  a  group  of  subordinates  and  other  Air  Staff 
personnel  to  produce  a  plan  promising  great  results  at  low  cost.  The  plan 
was  dubbed  “Instant  Thunder”  in  a  direct  rejection  of  the  infamous  Vietnam- 
era  air  campaign  of  gradual  escalation  termed  “Rolling  Thunder.” 

Instant  Thunder  called  for  a  massive  and  near-simultaneous  attack  on 
Iraqi  centers  of  gravity — its  leadership,  communications,  transportation, 
electrical  power,  and  the  production  and  storage  facilities  of  its  WMD. 
The  plan  was  given  to  Schwarzkopf,  who  was  delighted;  he  directed  Warden 
to  brief  his  air  commander,  Lt  Gen  Chuck  Horner.  Horner  recognized  the 
value  of  the  plan  but  also  some  of  its  flaws.  Instant  Thunder  implied  that 
a  concerted  attack  on  Iraqi  centers  of  gravity  would  be  so  devastating  as  to 
make  a  ground  offensive  unnecessary.  Schwarzkopf  and  Horner  rejected 
such  optimistic  thinking.  Instead,  they  directed  an  air  campaign  to  isolate 
Saddam’s  regime  and  fatally  cripple  its  fielded  forces.  Indeed,  Schwarzkopf 
insisted  that  airpower  reduce  Iraq’s  frontline  divisions  below  50  percent 
before  a  ground  offensive  would  even  begin. 

The  Instant  Thunder  planning  cell  in  Washington  did  not  welcome 
these  changes  but  fell  in  line.  Olsen  notes  that  only  2  percent  of  the  coali¬ 
tion’s  air  effort  was  directed  at  the  leadership  targets  that  Warden  and  his 
Instant  Thunder  planners  thought  so  important.  Nonetheless,  Olsen  con¬ 
tends  these  strikes  were  disproportionately  effective,  because  Saddam  was 
largely  cut  off  from  his  military  forces  and  unable  to  direct  them  effec¬ 
tively.  The  result  was  reminiscent  of  what  military  theorist  J.  F.  C.  Fuller 
once  termed  “brain  warfare” — the  spinal  cord  of  the  enemy  army  was 
severed,  leaving  the  appendages  still  alive  but  twitching  spasmodically  and 
devoid  of  central  direction. 

The  main  value  of  the  Instant  Thunder  strategic  air  campaign,  accord¬ 
ing  to  Olsen,  was  to  reframe  the  debate  on  war  strategy.  Instead  of  a  plan 
focusing  on  a  bloody  ground  assault  (early  projections  feared  more  than 
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20,000  coalition  casualties),  the  air  campaign  destroyed  the  bulk  of  the 
Iraqi  army  before  a  major  ground  offensive  even  began.  US  Central  Com¬ 
mand  (CENTCOM)  intelligence  estimated  the  air  campaign  had  reduced 
all  Iraqi  frontline  divisions  to  below  50  percent  before  G-day  in  late  Feb¬ 
ruary,  and  this  assessment  was  confirmed  by  the  CIA.  In  other  words,  the 
Iraqi  army  was,  by  definition,  “combat  ineffective”  before  major  ground 
operations  even  began. 

Olsen’s  second  book  was  a  biography  of  the  air  planner  who  played  the 
major  role  described  above:  John  Warden  and  the  Renaissance  of  American 
Air  Power  (Washington:  Potomac  Press,  2007).  The  term  renaissance  in 
Olsen’s  title  bears  some  explanation. 

The  advent  of  nuclear  weapons  had  a  profound  psychological  effect  on 
military  and  civilian  populations  worldwide,  not  the  least  of  which  were 
airmen  themselves — the  keepers  and  deliverers  of  the  new  weapons. 
Despite  the  Korean  War  that  saw  the  United  States  and  Soviet  Union  refrain 
from  their  use,  military  planners  nonetheless  planned  for  a  major  war  in 
Central  Europe  against  the  Soviet  Union — a  war  that  presumed  the  use  of 
nuclear  weapons.  Consequently,  during  the  early  Cold  War  era,  air  planners 
envisioned  war  largely  at  the  high  end  of  the  conflict  spectrum.  Because  war 
had  never  occurred  between  nuclear  powers,  the  plans  they  drafted  had  a 
high  theoretical  content — as  was  the  case  before  World  War  II  when  major 
strategic  air  operations  had  yet  to  be  extensively  conducted.  The  result  in 
the  1930s — and  for  the  three  decades  following  World  War  II — was  air 
doctrine  based  on  little  historical  experience,  because  such  history  had  not 
yet  occurred.  Thinking  the  unthinkable  was  dominated  by  civilian  aca¬ 
demics  adept  at  the  ethereal  and  theoretical  discourse  comprising  nuclear 
strategy.  On  the  other  hand,  the  tactical  air  battle  remained  crucial.  Fighter 
pilots,  although  increasingly  tasked  to  deliver  nuclear  weapons  during  the 
1950s  and  ’60s,  still  saw  their  main  function  as  gaining  and  then  main¬ 
taining  air  superiority.  More  specifically,  they  envisioned  the  air  battle  as 
the  supreme  test  of  piloting  skill. 

The  result  was  a  peculiar  situation  where  airpower  thought  gravitated  to¬ 
ward  the  two  extremes:  nuclear  war  as  imagined  by  eggheads  vs.  the  tactical 
air  battle  craved  by  the  fighter  pilots.  The  area  in  between — conventional 
strategic  warfare — was  largely  ignored. 

Olsen  argues  that  John  Warden,  beginning  during  his  days  as  a  cadet, 
taught  himself  the  principles  of  grand  strategy  and  strategic  airpower. 
While  a  graduate  student  at  Texas  Tech  University  (political  science)  and 
then  the  National  War  College,  he  continued  to  focus  his  studies.  His 
thesis  for  the  latter  was  published  as  The  Air  Campaign:  Planningfor  Combat 
(Washington:  National  Defense  University  Press,  1988)  and  outlined 
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Warden’s  ideas  on  the  importance  of  strategic  conventional  air  operations. 
The  book  proved  controversial.  Although  in  retrospect  his  emphasis  on  air 
superiority  and  air  interdiction  are  hardly  unusual,  he  also  noted  there  were 
times  when  the  ground  scheme  of  maneuver  could  be  used  to  support  the 
dominant  air  campaign.  To  many,  this  was  heretical  thinking.  It  is  a  measure 
of  how  profoundly  war  has  changed  over  the  past  two  decades  that  Warden’s 
basic  concepts  are  now  accepted  as  a  starting  point  for  joint  doctrine. 

Warden’s  career  as  a  fighter  pilot  in  Vietnam  and  then  as  an  F-15  wing 
commander  in  Germany  are  well  covered,  but  the  heart  of  the  book  centers 
on  the  events  of  1990—91  when,  from  an  office  in  the  basement  of  the 
Pentagon,  Warden  devised  the  Instant  Thunder  air  campaign  plan.  Olsen 
notes  that  the  plan  was  limited.  It  promised  results  too  extravagant — what 
if  Saddam  Hussein  did  not  surrender  after  his  infrastructure  was  reduced 
to  rubble?  Nonetheless,  Warden’s  vision  of  a  strategic  air  campaign  that 
would  avoid  the  bloody  land  battle  advocated  by  ground  officers  was  to 
become  the  winning  option  adopted  by  Schwarzkopf. 

Not  everyone  was  pleased  with  Warden’s  role  in  steering  the  coalition 
away  from  a  ground-based  slugfest.  The  other  services  and  the  Joint  Staff 
were  irritated  that  Schwarzkopf  had  bypassed  normal  channels.  Within 
the  Air  Force  itself,  some  at  Tactical  Air  Command  were  similarly  vexed 
by  being  shunted  aside. 

Desert  Storm  was  of  course  an  incredible  success — although,  as  is  often 
the  case,  military  decisiveness  does  not  always  translate  into  political  victory. 
Yet,  instead  of  being  hailed  as  a  hero  and  promoted  to  brigadier  general, 
Warden  was  ignored.  Indeed,  he  never  even  received  a  medal  for  his  efforts. 
Upon  leaving  the  Pentagon,  he  served  in  the  White  House  as  an  advisor  to 
the  vice  president  for  a  year  and  then  moved  to  Maxwell  AFB  to  become 
commandant  of  Air  Command  and  Staff  College  (ACSC).  Despite  occu¬ 
pying  that  general  officer’s  billet  for  three  years,  he  was  never  promoted. 

Warden  seemed  unfazed  by  the  slights.  He  turned  the  ACSC  curricu¬ 
lum  upside  down,  redirecting  the  faculty  to  teach  airpower  at  the  broadest 
level,  while  also  understanding  the  dynamics  and  mechanics  of  actually 
writing  an  air  campaign.  There  were  dissenters  on  the  faculty  and  others 
around  the  academic  circle  who  resented  and  feared  the  forward-thinking 
radical  at  ACSC. 

What  was  Warden’s  lasting  impact?  Olsen  argues  it  was  limited.  Like 
most  academic  institutions,  the  old  guard  professors  were  able  to  outwait 
him.  Moreover,  and  this  is  important  to  bear  in  mind,  not  all  of  Warden’s 
ideas  were  good  ones.  Yet,  20  years  after  his  tenure  at  ACSC,  concepts 
such  as  parallel  warfare,  effects-based  operations,  and  the  need  to  think 
strategically  are  common  currency  within  the  Air  Force. 
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Olsen  does  an  excellent  and  balanced  job  of  portraying  an  unconven¬ 
tional  airman.  At  times  charming  and  engaged  while  at  other  times  dis¬ 
tracted  and  preoccupied,  Warden  inspired  both  devoted  advocates  and 
bitter  enemies  throughout  his  career.  As  Olsen  perceptively  notes,  Warden’s 
greatest  strengths — his  aggressiveness,  bureaucratic  fearlessness,  creativity, 
and  disregard  for  rank  that  made  him  often  bypass  recalcitrant  superiors — 
were  at  the  same  time  his  greatest  weaknesses  that  frequently  found  him 
in  hot  water. 

A  History  of  Air  Warfare  is  an  edited  work  (Washington:  Potomac 
Books,  2010)  and  arguably  one  of  Olsen’s  best.  He  calls  upon  15  authors — 
he  also  writes  one  chapter  himself — to  trace  the  history  of  air  warfare  from 
World  War  I  to  the  present,  with  a  look  into  the  future.  Nearly  all  the  essays 
are  excellent.  John  Morrow  notes  that  the  airplane  transitioned  in  a  re¬ 
markably  short  time  from  its  initial  use  as  a  reconnaissance  asset  in  World 
War  I  to  conducting  most  of  the  combat  functions  exercised  today:  air 
superiority,  close  air  support,  air  interdiction,  strategic  bombing,  and  air¬ 
lift.  Its  initial  function,  reconnaissance,  had  unintended  consequences: 
aircraft  severely  limited  the  chances  of  achieving  strategic  surprise  along 
the  static  western  front — planes  could  watch  the  flow  of  supplies  and  per¬ 
sonnel  that  indicated  an  imminent  offensive. 

Ground  commanders  pretended  to  scoff  at  the  capabilities  of  the  new 
weapon  but  were  eager  to  exploit  its  vertical  strike  capabilities  to  assist 
their  own  operations.  This  insistent  focus  on  the  tactical  nature  of  air- 
power  would  remain  for  the  next  century.  It  should  be  no  surprise,  there¬ 
fore,  that  it  was  Britain’s  Royal  Naval  Air  Service  that  first  theorized — and 
then  experimented — with  strategic  airpower.  Navies  have  long  seen  them¬ 
selves  as  strategic  weapons  with  global  concerns,  and  it  seemed  natural 
that  maritime  strategists  would  first  explore  the  use  of  strategic  bombing 
to  attack  an  enemy’s  vital  centers  and  disrupt  its  economy.  Such  opera¬ 
tions  were,  however,  severely  limited  in  their  effectiveness  due  to  the  rudi¬ 
mentary  nature  of  air  technology. 

That  would  change  in  World  War  II.  Although  interwar  theorists  would 
speculate  on  the  decisive  nature  of  strategic  bombing  and  how  it  would 
revolutionize  war,  effective  technology — the  aircraft,  engines,  bombs,  and 
electronic/intelligence  apparatus — was  not  yet  available.  Richard  Overy 
also  points  out  that  none  of  the  belligerents  entered  the  war  intending  to 
conduct  “terror  bombing”  or  to  target  civilians.  Prewar  doctrine  in  Britain, 
Germany,  and  the  United  States  specifically  proscribed  such  tactics.  Yet, 
technology  was  not  yet  available  in  1 940  to  carry  out  the  precision  day¬ 
light  campaign  envisioned  before  the  war.  Both  Germany  and  Britain 
retreated  to  the  relative  safety  of  night  operations — something  for  which 
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they  were  neither  technically  nor  doctrinally  prepared.  These  problems 
were  eventually  overcome,  and  the  United  States  and  Britain  instituted  a 
combined  bomber  offensive  that  had  a  devastating  effect  on  Germany’s 
industry  and  its  military  capability.  Once  again,  it  was  probably  not  by 
chance  that  the  two  great  sea  powers  turned  to  another  form,  albeit  more 
direct,  of  strategic  warfare;  whereas  Germany,  France,  and  the  Soviet 
Union,  traditional  land  powers,  saw  the  airplane  as  a  tactical  weapon  designed 
to  assist  armies  in  the  pursuit  of  their  battlefield  goals.  Strategic  airpower 
was  not  very  effective  before  1944 — and  it  must  be  remembered  that  fully 
70  percent  of  all  bombs  dropped  on  German  targets  occurred  after  D-day — 
but  then  again,  Allied  ground  and  sea  operations  had  not  been  all  that 
successful  against  Germany  up  until  then  either. 

Rich  Muller  notes  in  an  excellent  essay  that  in  the  Pacific,  the  tyranny 
of  distance  made  strategic  air  operations  virtually  impossible  until  late 
1944.  But  then,  such  an  air  campaign  began  in  earnest  using  B-29s  based 
in  the  Mariana  Islands.  The  war  ended  with  the  atomic  strikes. 

Alan  Stephens  recounts  the  role  of  airpower  in  the  Korean  War.  This 
war  was  unexpected  and  unplanned.  Neither  the  US  Army’s  occupation 
forces  in  Japan  nor  the  US  Air  Force,  whose  primary  mission  in  the  Pacific 
was  air  defense,  was  trained  or  equipped  to  conduct  conventional  war  on 
the  Korean  Peninsula.  Airpower  saved  the  soldiers  from  being  pushed  off 
the  peninsula  at  Pusan,  but  political  constraints  prevented  its  use  against 
the  real  sources  of  North  Korean  power — China  and  the  Soviet  Union. 
Yet,  the  battle  for  air  superiority  over  North  Korea  was  crucial  to  prevent¬ 
ing  the  defeat  of  the  vastly  outnumbered  United  Nations  forces  once 
China  intervened  in  October  1950.  UN  aircraft  had  largely  destroyed  the 
North  Korean  air  arm,  but  the  massive  influx  of  Soviet-made  jet  fighters 
into  China — and  thence  into  Korea — threatened  to  reverse  the  fortunes 
of  the  war.  The  MiG- 15  was  an  excellent  aircraft  and  superior  to  anything 
but  the  F-86.  Although  heavily  outnumbered,  the  F-86s  would  venture 
daily  into  “MiG  Alley”  in  northwest  Korea  to  engage  the  MiGs  based 
across  the  Yalu  River  in  China.  Air  superiority  was  crucial.  The  Chinese 
repeatedly  attempted  to  build  air  bases  in  North  Korea  to  harry  and  inter¬ 
dict  UN  ground  forces  further  south.  UN  aircraft  denied  these  bases  by 
maintaining  air  superiority  above  them. 

The  Vietnam  War  cast  a  pall  over  the  US  military  for  two  decades.  De¬ 
spite  vastly  superior  technology  and  manpower,  the  United  States  and  its 
allies  were  never  able  to  defeat  North  Vietnam.  Wayne  Thompson,  the 
most  authoritative  historian  of  airpower  in  Vietnam,  writes  a  masterful 
chapter  on  the  military,  political,  and  technical  problems  facing  the  United 
States.  The  interdiction  campaign  termed  Rolling  Thunder  was  so  encumbered 
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with  political  constraints — down  even  to  tactical  details — that  it  was 
doomed  from  the  start.  There  is  an  old  adage  that  superior  tactics  cannot 
overcome  strategic  folly,  and  this  was  proven  in  the  skies  over  North  Viet¬ 
nam.  Moreover,  airmen  themselves  were  partly  to  blame  for  not  better 
anticipating  major  and  prolonged  conventional  air  operations.  World  War 
III  against  the  Soviet  Union  and  its  satellites  was  the  dominant  paradigm — 
in  all  the  services — and  airmen,  soldiers,  and  sailors  were  unprepared  to 
fight  an  insurgency  on  the  ground  or  a  highly  constrained  war  of  attrition 
in  the  air.  The  debate  will  never  end  as  to  whether  a  more  enlightened 
political  and  military  strategy  could  have  been  effective  at  keeping  South 
Vietnam  free. 

The  chapter  by  Shmuel  Gordon  on  the  Arab-Israeli  wars  between  1967 
and  1982  is  one  of  the  most  interesting  in  the  book — perhaps  because 
most  Americans  are  unfamiliar  with  the  details  of  those  wars.  During  the 
first  part  of  that  period  the  United  States  was  engaged  in  Vietnam,  and  the 
trauma  of  that  disaster  overshadowed  military  thought  in  this  country. 
That  was  regrettable,  because  the  operations  of  the  Israeli  Air  Force  (IAF) 
had  much  to  inform.  Gordon  reviews  the  key  strategic  issues  that  have 
confronted  Israel  since  its  birth  in  1948:  lack  of  strategic  depth,  a  small 
population,  and  lack  of  natural  resources,  but  an  abundance  of  enemies. 
Consequently,  the  basis  of  national  security,  as  articulated  by  its  first  prime 
minister  David  Ben-Gurion,  was  that  Israel  must  maintain  air  superiority 
over  the  region. 

Gordon  argues  that  this  insistence  on  maintaining  air  superiority  by 
focusing  on  a  technically  first-rate  air  force  piloted  by  outstanding  personnel 
has  resulted  in  great  success.  In  the  Six-Day  War  of  1967  the  IAF  was 
outnumbered  3: 1  in  aircraft,  but  on  the  morning  of  5  June  it  struck  Egyp¬ 
tian,  Syrian,  and  Jordanian  airfields  by  surprise,  destroying  402  aircraft  at 
a  loss  to  themselves  of  28  planes.  Over  the  next  several  days,  56  more  Arab 
aircraft  were  shot  down  in  air-to-air  combat  at  a  loss  of  18  IAF  planes. 
During  the  two-year  war  of  attrition  that  followed,  the  Egyptians  were 
reinforced  by  the  Soviets,  particularly  with  surface-to-air  missile  (SAM) 
batteries.  These  SAMs  pushed  back  the  operating  area  of  the  IAF,  essen¬ 
tially  denying  it  air  superiority  over  the  Suez  Canal.  Even  so,  when  the 
forces  did  meet  in  air  combat,  the  IAF  enjoyed  an  18:1  kill  ratio. 

The  Yom  Kippur  War  of  1973  caught  Israel  by  surprise.  It  was  a  close- 
run  conflict,  and  the  plight  of  the  Israeli  ground  forces  necessitated  a  con¬ 
centration  on  close  air  support  rather  than  air  superiority.  The  superiority 
campaign  then  made  a  tactical  blunder  that  resulted  in  heavy  losses:  the 
IAF,  with  a  doctrine  that  had  hardened  into  dogma,  focused  on  Arab  air¬ 
fields  rather  than  on  the  more  deadly — and  more  vulnerable — SAM  sites 
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near  the  front.  This  decision  “delayed  gaining  air  superiority  over  the 
Egyptian  front  for  at  least  two  weeks”  (p.  145).  In  other  words,  the  IAF 
saw  its  main  threat  as  coming  from  the  air — other  fighters — when  in  reality 
the  danger  came  from  ground-based  air  defenses.  This  was  a  mistake 
repeated  by  other  air  forces. 

Itai  Brun  completes  the  story  of  the  IAF  by  examining  the  Second  Febanon 
War  of  2006.  Hezbollah,  based  in  Febanon  and  backed  by  Syria  and  Iran, 
kidnapped  two  Israeli  soldiers.  Military  operations  were  launched  to  retrieve 
the  soldiers,  punish  Hezbollah,  and  destroy  its  base  in  southern  Febanon. 
Israeli  leaders  decided  to  rely  heavily  on  the  IAF  to  limit  casualties — on 
both  sides.  The  LAF’s  task  was  to  destroy  the  long-range  and  medium- 
range  rockets  that  threatened  Israel.  This  air  campaign  was  successful — 
few  such  rockets  were  fired  against  Israel  during  the  conflict.  Short-range 
rockets  were  another  matter.  These  weapons  were  too  numerous  and  too 
small  to  locate  and  target.  On  the  other  hand,  Syria’s  air  force  played 
virtually  no  role  in  the  campaign,  probably  because  in  the  Bekaa  Valley 
operation  of  1982  the  Syrians  had  lost  87  aircraft  to  the  IAF’s  zero. 

After  three  weeks,  the  Israeli  Defence  Force  began  to  employ  ground 
troops  to  establish  a  six-kilometer  buffer  zone  along  the  border.  Rockets 
continued  to  rain  down  on  Israel,  and  84  soldiers  were  killed.  Suffering 
heavy  casualties,  the  Israeli  army  withdrew,  and  Hezbollah — intact  and 
still  maintaining  a  large  inventory  of  rockets — claimed  victory. 

There  are  also  excellent  chapters  covering  the  Falklands  War  (Fawrence 
Freedman)  and  those  detailing  the  overwhelming  airpower  victories  in 
Desert  Storm  (John  Olsen),  Bosnia  (Rob  Owen),  Kosovo  (Tony  Mason), 
Operation  Enduring  Freedom  (Ben  Fambeth),  and  Operation  Iraqi  Free¬ 
dom  (Wick  Murray).  These  operations  will  be  discussed  more  below.  The 
final  chapter  is  a  superior  overview  by  Dick  Hallion.  The  former  Air  Force 
historian  outlines  the  history  of  air  warfare  from  1911  to  the  present  with 
some  peeks  into  the  future.  He  traces  how  airpower  was  crucial  in  World 
War  I,  decisive  during  World  War  II,  and  dominant  over  the  past  two 
decades.  Airpower  has  evolved  continuously  and  rapidly  over  the  past  cen¬ 
tury,  and  one  of  the  keys  to  this  revolutionary  impact  has  been  precision 
weaponry.  Precision-guided  munitions  (PGM)  have  permitted  parallel 
warfare  and  true  effects-based  operations  (EBO).  Destruction  is  rarely  a 
worthwhile  goal  in  air  warfare;  rather,  the  intent  is  to  deny  options  to  the 
enemy.  PGMs  allow  this,  but  EBO  has  been  resisted  by  the  ground  services 
that  see  it  as  a  threat  to  their  own  model  of  Clausewitzian,  attrition-based 
warfare.  Hallion  sums  the  issue  eloquently:  “EBO  is  more  than  an  air  war 
concept:  it  is  intrinsically  ‘common  sense,’  essential  to  the  efficient  employ- 
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ment  of  all  forms  of  combat  power  and  particularly  suited  to  the  capabilities 
of  joint  and  combined  force  air  (and  space)  power”  (p.  386). 

Global  Air  Power  (Washington:  Potomac  Books,  2011)  was  intended 
as  a  companion  volume  to  the  previous  work.  Also  edited  by  Olsen,  it 
contains  nine  chapters  that  briefly  cover  the  histories  of  the  world’s  major 
air  forces:  the  US  (Dick  Hallion),  UK  (Tony  Mason),  Russian  (Sanu 
Kainikara),  Israeli  (Itai  Brun),  Chinese  (Xiaoming  Zhang),  Indian  (Jasjit 
Singh),  and  three  regional  overviews  of  the  Pacific  Rim  (Alan  Stephens), 
Latin  America  (Jim  Corum),  and  Europe  (Christian  Anrig).  Due  to  this 
historical  narrative  approach,  there  is  some  redundancy  with  the  Air  Warfare 
volume,  but  even  so,  each  chapter  is  a  model  of  concise  style  and  clarity. 

Kainikara  argues  that  because  of  its  long  tradition  as  a  continental  land 
power,  Soviet  airpower  was  largely  tied  to  the  army,  so  tactical  aviation 
received  the  bulk  of  funds  and  doctrinal  focus.  The  advent  of  nuclear 
weapons  changed  this  focus,  but  aside  from  a  projected  holocaust,  doc¬ 
trine  and  force  structure  remained  fixed  on  the  land  battle.  This  evolved 
with  the  Gulf  War  of  1991  when  Russian  leaders  were  astounded  by  the 
rapid  victory  of  the  coalition  and  the  dominant  role  of  airpower.  Strategic 
conventional  operations  were  indeed  possible,  and  for  the  first  time,  Russian 
airpower  “cast  off  its  shackles  and  was  allowed  to  develop  as  an  indepen¬ 
dent  force”  (p.  215). 

Singh’s  chapter  on  the  Indian  Air  Force  notes  its  contradictory  influ¬ 
ences  from  the  UK’s  Royal  Air  Force  with  its  tradition  of  strategic  air¬ 
power  versus  the  land-oriented  Soviet  model.  At  the  same  time,  India 
finds  itself  wedged  between  nuclear  adversaries — China  and  Pakistan. 
This,  combined  with  persistent  budget  concerns,  has  resulted  in  a  stretched 
air  arm  that  must  prepare  for  both  offensive  and  defensive  operations  that 
could  occur  in  a  two-front  war. 

Since  the  Korean  War,  China’s  air  arm  has  been  characterized  by  its 
great  size  and  poor  quality.  It  had  a  great  deal  of  metal  on  the  ramp,  but 
that  metal  was  obsolescent  and  flown  by  pilots  with  mediocre  skills.  Most 
of  its  aircraft  were  single-seat  fighters  designed  as  defensive  interceptors. 
As  with  other  countries,  the  shock  of  Desert  Storm  woke  Chinese  leaders 
to  the  fact  that  its  air  force  was  largely  useless  against  a  modern  power. 
Today,  numbers  have  been  cut  dramatically,  but  quality  has  increased. 
New-generation  aircraft  are  proliferating.  More  importantly,  training  has 
increased — although  not  yet  to  Western  levels — and  technical  support  has 
improved.  Precision  weapons,  modern  ISR  aircraft,  and,  most  importantly 
perhaps,  airlifters  and  air  refuelers  have  entered  the  inventory.  If  it  is  China’s 
goal  to  become  a  world  power  with  the  ability  to  project  its  airpower  over 
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great  distances,  then  it  has  begun  taking  steps  over  the  past  two  decades  to 
achieve  that  aim. 

Throughout  the  Cold  War  era,  the  air  forces  of  Europe  lay  in  America’s 
shadow.  The  US  Air  Force  dominated  NATO,  and  Europe  had  but  a  meager 
air  refueling,  strategic  airlift,  or  ISR  capability.  Because  of  NATO’s  oft-stated 
defensive  posture  vis-a-vis  the  Warsaw  Pact,  the  alliance  had  a  large  number 
of  fighter  aircraft  focused  on  air  defense.  Once  again,  Desert  Storm,  which 
occurred  immediately  after  the  collapse  of  the  Soviet  empire,  signaled 
great  change. 

The  defensive  posture  of  most  European  nations  began  to  shift  to  a 
more  offensive  mind-set.  In  this  regard,  the  Balkan  Wars  were  decisive. 
Even  Germany,  whose  constitution  seemed  to  prohibit  involvement  in 
such  operations,  redefined  itself  and  took  part.  The  size  and  capabilities  of 
the  US  air  forces  meant  that  Europe  had  to  adapt  to  fit  into  coalition 
operations.  PGMs  were  essential,  as  were  standardized  doctrines  and  com¬ 
mand  and  control  lash  ups.  Because  most  European  countries  could  not 
afford  “full  service”  air  arms,  they  have  banded  together  to  develop  and 
procure  aircraft  to  be  used  by  all — AWACS  and  ISR  assets,  as  well  as  the 
A-400  airlifter  and  the  new  Boeing  tankers.  Several  NATO  nations  par¬ 
ticipated  in  operations  in  Afghanistan  and  Iraq,  and  new  members — Poland 
and  the  Czech  Republic — labored  to  upgrade  and  standardize  their  air 
forces  to  become  useful  partners. 

The  concluding  essay  by  Lt  Gen  Dave  Deptula  (USAF,  retired)  is  excel¬ 
lent.  Deptula  has  long  been  recognized  as  one  of  the  most  forward  think¬ 
ing  and  capable  airmen  in  the  West.  He  begins  by  noting  that  we  now  live 
in  an  “aeronautical  era”  in  which  commercial,  civil,  and  military  aviation 
are  preeminent.  Thousands  of  aircraft  carrying  passengers  and  high-value 
cargo  are  in  the  air  over  the  globe  at  any  one  time.  More  importantly,  air- 
power  now  dominates  war. 

Deptula  argues  that  airpower  has  been  revolutionized  in  three  areas:  At 
the  micro  level,  computing,  sensing,  and  data  compression  have  made 
formerly  single-mission  aircraft  now  able  to  perform  multiple  tasks.  At  the 
meso  (operational)  level,  airpower  has  moved  from  being  linked  to  massive 
land  forces  toward  greater  cooperation  with  special  operations  forces,  pro¬ 
ducing  disproportionately  great  effects  at  low  cost  and  risk.  And  at  the 
macro  level,  strategic  airlifters,  tankers,  and  global  ISR  and  communica¬ 
tions  platforms  linked  by  satellites  have  shrunk  the  world  while  also  placing 
great  leverage  in  the  hands  of  the  nations,  or  coalitions,  which  possess 
such  global  power-projection  forces. 

Controversially,  Deptula  also  argues  that  air  and  space  technology  is  evolving 
so  quickly  that  strategy  based  on  a  historical  perspective  is  becoming  almost 
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dangerous.  The  focus  must  be  forward.  He  argues  instead  for  strategies 
based  on  trends  and  threats  to  chart  the  future.  He  concludes  that  success 
or  failure  will  be  determined  by  “how  well  a  nation  can  seamlessly  inte¬ 
grate  airpower  across  permissive,  contested,  and  denied  environments, 
rapidly  synchronizing  multiple  aerospace  missions  and  functions  across 
the  domains  of  air,  land,  sea,  space,  and  cyberspace  ahead  of  both  com¬ 
petitors  and  adversaries”  (p.  415). 

Air  Commanders  (Washington:  Potomac  Books,  2013)  consists  of  bio¬ 
graphical  sketches  of  US  Air  Force  combat  commanders.  All  are  of  high 
quality:  some  written  by  established  historians  (Wick  Murray,  Alan  Stephens, 
Rich  Davis,  Dick  Hallion,  Jim  Corum,  Rich  Muller,  Rebecca  Grant,  and 
Tom  Keaney);  others  by  newcomers  (Case  Cunningham,  Mark  Bucknam, 
Steve  Randolph,  and  Jim  Kiras). 

The  air  commanders  chosen  fall  into  three  groups:  World  War  II  and 
the  Cold  War;  Korea  and  Vietnam;  and  Desert  Storm  to  the  present.  This 
last  was  an  inspired  choice.  Most  Americans  will  not  have  heard  of  the 
airmen  who  led  the  astoundingly  successful  air  campaigns  of  Desert  Storm 
(Chuck  Horner),  Deliberate  Force  (Mike  Ryan),  the  air  war  over  Serbia 
(Mike  Short),  and  operations  in  Afghanistan  and  Iraq  after  9/11  (“Buzz” 
Moseley).  These  generals  should  be  remembered. 

The  sketches  of  Carl  Spaatz,  George  Kenney,  Curtis  LeMay,  and  Otto 
Weyland  are  excellent.  All  except  the  latter  have  been  much  written  about 
and  are  familiar.  The  addition  of  George  Stratemeyer — the  air  commander 
during  the  first  year  of  the  Korean  War — is  an  anomaly  in  that  1950  was 
a  near-run  thing,  and  Stratemeyer’s  performance  was  not  exceptional.  After 
suffering  a  heart  attack  in  May  1951,  he  retired.  William  Tunner  is  another 
unusual  but  sounder  choice.  Tunner  was  an  expert  airlifter  who  com¬ 
manded  the  “Hump”  operation  over  the  Himalayas  during  World  War  II, 
the  Berlin  airlift,  and  the  airlift  of  men  and  supplies  to  Korea.  Too  often 
these  essential  power-projection  air  forces  are  ignored. 

The  additions  of  Generals  Horner,  Ryan,  Short,  and  Moseley  are  par¬ 
ticularly  appropriate.  In  all  five  of  their  air  campaigns,  it  was  the  combination 
of  stealth  aircraft  and  precision  weapons — laser-guided  and  then  GPS- 
guided  bombs — combined  with  ubiquitous  ISR  and  nearly  instantaneous 
command  and  control,  which  brought  airpower  to  a  pinnacle  of  success. 
These  air  campaigns  teamed  with  special  operations  forces  and  indigenous 
troops — Bosnians,  Kosovars,  the  Northern  Alliance,  and  Kurds — achieved 
alliance  goals  with  an  amazingly  small  loss  of  life — on  both  sides.  Conven¬ 
tional  US  ground  forces,  when  they  were  even  used,  confronted  enemies 
largely  defeated. 
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Drawing  conclusions  regarding  the  combat  leadership  of  these  airmen 
is  difficult,  but  the  first  lesson  is  that  they  were  outstanding  pilots  and 
tacticians.  William  Momyer,  who  commanded  Seventh  Air  Force  during 
much  of  the  Vietnam  War,  is  considered  one  of  the  greatest  air  tacticians 
in  US  history.  He  was  also  an  ace  in  World  War  II,  as  was  John  Vogt,  Seventh 
Air  Force  commander  at  the  end  of  that  war.  It  would  seem  that  piloting  skills 
were  essential  in  giving  airmen  the  credibility  to  rise  in  rank  and  become 
air  strategists.  Second,  most  of  those  discussed  took  a  deep  interest  in  the 
use  of  intelligence.  Although  surface  warfare  is  also  dependent  on  sound 
intelligence,  air  operations  have  taken  this  essentiality  to  a  new  level.  Be¬ 
cause  precision  weapons  with  three-meter  accuracy  can  now  hit  a  specific 
window  in  a  building  hundreds  of  miles  deep  in  enemy  territory,  it  is 
essential  to  identify  the  correct  window. 

These  airmen  also  had  an  unusually  sound  grasp  of  the  political  envi¬ 
ronment  in  which  they  operated,  a  necessity  in  the  politically  charged 
milieus  found  in  the  “small  wars”  that  have  been  the  US  lot  since  Vietnam. 
When  every  bomb  dropped  can  have  major  political  significance,  air  com¬ 
manders  must  be  acutely  aware  of  consequences  and  implications.  Finally, 
it  is  apparent  there  is  no  single,  successful  leadership  style:  Spaatz  was  shy 
and  taciturn;  Kenney  outgoing  and  friendly;  Momyer  cerebral;  and  Short 
was  gruff  and  irascible.  Successful  leadership  style  is  defined  by  success. 

Taken  together,  these  five  works  by  John  Olsen  are  an  outstanding  over¬ 
view  of  airpower  past,  present,  and  future.  Olsen  and  his  contributors  in¬ 
troduce  and  explain  several  ideas  that  bear  emphasis. 

From  the  very  beginning,  airpower  was  recognized  as  a  revolutionary 
weapon  that  could  transform  war.  Operating  in  the  third  dimension,  it 
took  a  surprisingly  short  time  for  aircraft  to  move  from  an  interesting 
tactical  adjunct  of  surface  battle  to  a  decisive  factor  in  war.  Even  so,  in  an 
age  where  everything  happens  with  such  numbing  rapidity  compared  to 
previous  centuries,  airpower — and  space  power — has  sometimes  moved 
more  slowly  than  airmen  wanted.  The  two  decades  between  the  world 
wars  saw  much  theorizing  and  speculation  regarding  how  technologies 
not  yet  invented  would  revolutionize  war.  The  opening  years  of  World 
War  II  demonstrated  that  aeronautical  science  was  not  moving  as  quickly 
as  airmen  had  prophesied.  And  yet,  the  war  with  Japan  did  indeed  end 
with  the  atomic  bombs  delivered  by  B-29s,  avoiding  a  bloody  invasion 
of  the  home  islands  that  would  have  cost  millions  of  lives — both  Allied 
and  Japanese. 

Air  and  space  power  are  dominated  by  technology — a  notion  that  has 
often  produced  ridicule  from  the  other  services  who  speak  derisively  of 
airmen’s  “toys”  and  who  contend  that  battle  today  is  little  different  than 
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that  experienced  by  the  hoplite  armies  of  the  ancient  Greeks.  This  is  a  silly 
belief.  Yes,  fog,  friction,  fear,  thirst,  and  anxiety  are  still  present  in  war,  but 
war  is  not  always  bloody  and  violent — as  blockade,  embargo,  and  cyber 
attack  illustrate — nor  is  it  always  dominated  by  fear  and  fatigue.  The  use 
of  remotely  piloted  aircraft  (RPA)  has  fundamentally  altered  the  dynamic 
of  combat:  aircraft  striking  targets  in  Pakistan  are  controlled  by  techni¬ 
cians  sitting  in  hangers  in  Nevada  half  a  globe  away.  And  drones  can  be 
very  brave  indeed. 

The  use  of  military  force  is  shaped  by  technology,  budgets,  domestic 
politics,  and  the  geopolitical  situation.  Instant  worldwide  communica¬ 
tions  and  information  transfer  have  made  military  operations  subject  to 
intense  scrutiny,  and  this  scrutiny  falls  most  heavily  on  the  West.  Actions 
must  be  seen  as  politically  reasonable — diplomacy  must  be  exhausted  be¬ 
fore  force  is  sanctioned.  When  force  is  applied,  it  must  be  measured  and 
discriminant.  Collateral  damage  must  be  held  to  a  minimum.  For  domestic 
political  reasons,  the  “wars  of  choice”  now  fought  by  the  West  must  incur 
low  cost — both  in  blood  and  treasure — and  those  costs  should  be  kept  to 
a  minimum  even  among  adversaries.  Precision  weapons  must  be  used  to 
limit  damage  and  death.  Decisive  victory  is  still  sought,  but  it  cannot  be 
too  decisive  and  result  in  large  numbers  of  enemy  dead  or  unnecessarily 
excessive  physical  destruction. 

If  low  cost,  low  risk,  and  low  collateral  damage  are  the  standards  measuring 
success  or  failure,  then  air  and  space  power  are  the  obvious  solutions. 
Only  a  handful  of  manned  aircraft  have  been  lost  in  combat  by  the  West 
over  the  past  two  decades.  In  several  cases — Bosnia,  Kosovo,  Libya,  and  in 
the  initial  stages  of  Operation  Enduring  Freedom  in  Afghanistan — 
conventional  ground  troops  were  not  even  employed.  When  they  were 
finally  introduced,  often  for  occupation  duty,  the  enemy  was  already  de¬ 
feated.  It  is  a  disturbing  fact  that  the  vast  majority  of  casualties  sustained 
by  the  United  States  and  its  allies  in  OEF  and  OIF  occurred  after  large 
numbers  of  conventional  ground  troops  were  introduced  for  occupation  du¬ 
ties  and  counterinsurgency  for  which  they  were  neither  trained  nor  equipped. 

Olsen’s  books  also  touch  upon  the  issue  of  coercion  versus  denial.  This 
is  an  old  issue  that  has  generated  much  debate.  Coercion  involves  a  target¬ 
ing  scheme  that  strikes  or  threatens  what  the  enemy  holds  valuable.  The 
intent  is  to  change  its  behavior.  A  denial  strategy  targets  an  enemy’s  mili¬ 
tary  forces  or  their  support  structure — the  intent  is  to  destroy  the  ability 
to  continue  the  war.  In  essence,  coercion  targets  the  enemy’s  will,  while 
denial  focuses  on  its  capability.  Both  targeting  schemes  have  been  used 
successfully  in  war,  and  they  have  also  failed.  In  truth,  the  dichotomy  is 
more  imagined  than  real.  Virtually  every  targeting  scheme  contains 
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elements  of  both  coercion  and  denial,  and  it  is  usually  impossible  to 
separate  them:  the  destruction  of  an  armament  factory  or  transportation 
system  or  the  death  of  a  national  leader  affects  both  the  enemy’s  will  and 
capability.  Every  situation  and  every  enemy  is  different,  and  it  is  futile  to 
attempt  to  focus  on  one  target  set — leadership,  fielded  forces,  the  power 
grid — and  assume  it  will  be  the  crucial  target  in  any  situation.  War  is 
not  that  determinable. 

This  realization  tends  to  support  the  claim  noted  by  Deptula:  airmen 
must  look  to  the  future  rather  than  the  past  to  determine  how  to  employ 
their  chosen  weapon.  As  a  historian,  that  notion  grinds  my  gears,  but  in 
truth,  the  lessons  of  history  have  often  been  vague,  contradictory,  or  simply 
wrong.  The  lessons  learned  process  enshrined  in  our  joint  doctrine  is  a 
useful  intellectual  exercise,  as  long  as  we  always  remember  that  no  two 
situations  will  ever  be  the  same.  Moreover,  as  World  War  I  and  its  after- 
math  proved:  lessons  learned  are  not  necessarily  correct  lessons  learned. 

These  books  show  that  the  introduction  of  PGMs,  stealth  technology, 
and  real-time  ISR  and  command  and  control  capabilities  have  revolution¬ 
ized  war,  and  even  the  most  obtuse  observers  recognize  how  air  and  space 
power  have  changed  the  conflict  environment,  at  all  levels.  Interestingly, 
one  major  theme  continues  to  appear  in  all  five  of  the  books  regardless  of 
the  author  actually  writing  each  individual  chapter.  That  truism  concerns 
the  essential  nature  of  air  superiority.  All  the  services  recognize  this  unalter¬ 
able  fact,  even  if  they  disagree  on  how  such  superiority  is  to  be  gained  and 
maintained.  In  fact,  even  the  basic  definition  of  air  superiority  is  not 
clearly  understood. 

There  are  two  aspects  to  air  superiority.  First,  we  are  able  to  prevent  the 
enemy’s  air  forces  from  attacking  our  vital  centers  and  fielded  forces.  This 
is  the  aspect  understood  by  everyone.  The  second  is,  if  an  enemy  is  not 
attacking  us  from  the  air,  then  we  assume  we  have  achieved  air  superiority. 
That  is  not  the  case.  Superiority  also  includes  our  ability  to  strike  the  enemy’s 
vital  centers,  sources  of  supply,  or  fielded  forces  at  the  time  and  place  of 
our  choosing — an  important  distinction.  US  joint  doctrine  is  predicated 
on  operating  under  a  curtain  of  air  superiority — and  in  fact,  today  we 
strive  for  air  supremacy.  It  is  questionable  if  our  joint  force  would  know 
how  to  operate  if  that  supremacy  were  lost — we  have  not  had  to  fight 
without  it  since  early  in  World  War  II.  Today,  the  joint  force  is  absolutely 
dependent  on  the  unfettered  air  missions  of  close  air  support,  air  interdic¬ 
tion,  ISR,  and  airlift.  If  we  lose  air  superiority,  those  other  crucial  air  mis¬ 
sions  are  difficult  or  impossible  to  conduct.  If  that  happens,  the  joint  force 
is  lost.  Note,  however,  that  this  dual  concept  of  air  superiority  is  a  peculiarly 
US  and  Western  notion.  The  Vietcong  and  al-Qaeda  never  enjoyed  air 
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superiority,  and  yet  they  fought  extremely  well  and  often  successfully 
against  US  forces  that  controlled  the  air  above  them. 

We  also  must  recognize  that  the  major  threat  facing  our  continued  en¬ 
joyment  of  air  superiority  comes  from  the  ground.  Since  World  War  II, 
more  than  95  percent  of  US  combat  air  losses  have  resulted  from  anti¬ 
aircraft  artillery,  SAMs,  or  ground  attack  by  special  forces.  In  fact,  since 
Vietnam,  the  USAF  has  not  lost  a  single  aircraft  in  air-to-air  combat,  even 
though  some  of  our  opponents — Iraq,  Serbia,  and  Libya — possessed 
modern  air  arms.  However,  as  SAMs  proliferate  and  become  increasingly 
capable,  even  our  stealth  assets  might  be  at  risk.  Olsen  notes  the  danger  of 
ground-based  air  defenses,  which  will  increase  in  the  years  ahead.  What 
are  we  doing  to  address  this  threat? 

Olsen  and  most  of  his  authors  are  advocates  of  airpower.  They  have 
studied  air  operations  since  their  inception,  while  also  looking  into  the 
future.  They  have  concluded  that  air  and  space  forces  have  been  increas¬ 
ingly  successful  in  achieving  political  and  military  goals,  while  doing  so  at 
low  cost  and  low  risk.  There  are  limitations  and  weaknesses  for  these 
forces,  but  over  the  past  century  the  inherent  strengths  of  airpower — its 
ubiquity,  speed,  range,  and  flexibility — have  grown  stronger;  while  its 
weaknesses — cost,  the  constraints  of  weather  or  darkness,  its  transitory 
nature,  and  its  inability  to  hold  ground — have  grown  ever  weaker.  Radar, 
infrared,  and  GPS  have  done  much  to  eliminate  the  problems  of  weather 
and  darkness;  air  refueling,  satellites,  and  RPAs  allow  near-continuous  air 
and  space  operations,  and  as  experiences  in  Iraq  and  Afghanistan  have 
demonstrated,  occupying  ground  is  often  the  worst  thing  we  can  do  if  we 
truly  wish  to  achieve  our  goals  at  the  lowest  cost  in  blood  and  treasure. 

Col  John  Olsen  is  one  of  the  dominant  voices  in  airpower  history  and 
operations  in  the  world  today.  His  books  should  be  required  reading  for 
everyone  in  uniform. 

Phillip  S.  Meilinger,  PhD 

Colonel,  USAF,  Retired 


Disclaimer 

The  views  and  opinions  expressed  or  implied  in  SSQare  those  of  the  authors  and  are  not  officially 
sanctioned  by  any  agency  or  department  of  the  US  government.  We  encourage  you  to  send  comments 
to:  strategicstudiesquarterly@us.afmil. 
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Conflict  and  Cooperation  in  the  Global  Commons:  A  Comprehensive  Approach 

for  International  Security ,  edited  by  Scott  Jasper.  Georgetown  University 
Press,  2012,  272  pp.,  $29.95. 

Conflict  and  Cooperation  presents  potential  international  security  strategies  for  global 
commons  challenges  as  they  grow  more  congested,  contested,  and  competitive.  Jasper 
addresses  four  global  commons — maritime,  air,  space,  and  cyberspace — and  defines 
them  as,  “those  areas  no  one  state  can  control  but  on  which  all  states  must  rely.”  He  sees 
three  complex  and  challenging  security  areas  influencing  the  commons:  violent  extremist 
organizations,  regional  antagonists,  and  a  rising  China.  This  work  includes  13  essays  in 
five  sections:  security  dynamics,  conflict  methods,  cooperative  opportunities,  interface 
mechanism,  and  behavioral  norms.  Although  the  entire  text  strives  to  emphasize  collab¬ 
orative  efforts  in  each  sphere,  the  emphasis  is  weighted  toward  cyberspace  and  maritime 
domains. 

The  first  section  evaluates  security  dynamics  and  introduces  the  reader  to  public  goods 
as  nonexcludable  and  nonrival;  hence,  use  cannot  be  denied,  and  individual  use  does  not 
detract  from  others.  All  essays  support  these  shared  qualities.  The  shared  environment 
describes  the  causation  behind  both  the  second  articles  conflict  and  the  deterrence  model 
used  in  the  third.  No  essay  provides  a  revolutionary  viewpoint,  but  all  contribute  to  build¬ 
ing  basic  understanding. 

The  next  three  essays  detail  where  conflicts  could  originate  within  the  commons.  All 
three  are  wide-ranging  but  primarily  discuss  Chinese  military  modernization  impacts 
within  the  maritime,  aerospace,  and  cyberspace  commons.  An  interesting  analytic  point 
emerges  on  how  Chinas  ballistic  missile  improvements  could  potentially  undermine  the 
US-Russian  Intermediate  Nuclear  Forces  Treaty,  demonstrating  how  any  changes  within 
the  global  commons  can  affect  all  players. 

Jasper  bundles  the  next  two  sections  as  cooperative  opportunities  and  interface  mecha¬ 
nisms  to  provide  alternative  conflict  solutions.  Two  essays  address  maritime  security,  two 
address  cyberspace  concerns,  and  one  discusses  the  US  joint  operational  access  future. 
The  primary  maritime  or  cyberspace  commons  solution  is  building  partnerships  and  then 
sharing  technological  tools  to  increase  awareness  and  security  across  the  domain.  The  essay 
merges  cyberspace  and  space  despite  the  obvious  differences.  Their  only  similarities  are 
that  both  are  global  commons  and  both  use  information.  If  anything,  space  requires  cyber 
access  much  more  than  cyber  requires  space  access. 

One  particular  article  stands  out  from  this  group;  Paul  Giarra’s  “Assuring  Joint  Opera¬ 
tional  Access”  summarizes  the  intellectual  changes  required  by  US  strategists  to  deal  with 
complex  challenges.  Giarra  highlights  operational  access  needs  embedded  in  traditional 
US  war  models  of  getting  forward,  staying  forward,  and  operating  along  secured  lines  of 
communication.  Adversary  modernization  highlighted  in  earlier  essays  could  prevent  the 
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United  States  from  enjoying  these  advantages  as  fully  as  in  the  past.  Giarra  suggests  elevat¬ 
ing  operational  access  planning  to  a  new  strategic  context  by  recognizing  our  past  assump¬ 
tions,  en-route  and  forward  infrastructure  demands,  and  how  our  competitors  exploit  the 
commons.  Ultimately,  he  correctly  states  that  moving  forward  cannot  occur  if  the  United 
States  falls  back  to  old  strategic  mind-sets. 

New  mind-sets  must  be  shaped  with  new  behavioral  norms:  Jaspers  last  section.  Unfortu¬ 
nately,  these  essays  only  address  space  and  cyberspace.  Adjusted  behavioral  norms  reinforce 
those  cultural  standards  the  United  States  wants  expressed  in  the  global  commons.  The 
whole  process  matches  a  suburban  “Keep  off  the  Grass”  sign.  The  space  article  highlights 
state  and  nonstate  actors’  responsibilities  to  provide  debris  mitigation,  prevent  harmful 
interference,  and  manage  space  traffic  within  the  domain. 

“Establishing  Rules  for  Cyber  Security”  by  Eneken  Tikk  is  the  second  exceptional  ar¬ 
ticle  within  the  text.  Tikk  offers  10  standards  as  a  code  of  conduct  within  cyberspace. 
The  most  interesting  requires  state  and  nonstate  actors  to  assume  responsibility  for  any 
cyberspace  actions  initiated  from  their  environment.  One  other  central  element  suggests 
all  actors  using  cyberspace  are  responsible  for  ensuring  they  possess  sufficient  security.  A 
patch  is  the  commonly  used  term  to  fix  a  known  cyber  vulnerability.  This  patch  mandate 
could  close  many  cyberspace  vulnerabilities,  but  the  problem  remains  who  will  enforce 
the  issue.  Tikk  hopes  laying  out  ground  rules  will  encourage  all  users  of  the  commons  to 
increase  the  collective  standard. 

My  overall  impression  is  the  text  never  solidly  falls  behind  any  of  the  proposed  solu¬ 
tions.  Although  all  ideas  are  interesting,  some  could  be  contradictory  during  implementa¬ 
tion.  Most  articles  were  under  20  pages  and  could  use  additional  depth  and  discussion. 
Jasper  defined  five  sections  but  splitting  the  work  into  two  halves,  conflict  dynamics  and 
collaborative  techniques,  would  have  been  more  efficient.  Limiting  the  editorial  selection 
to  a  narrower  scope  or  a  single  area  would  improve  the  work,  as  the  articles  did  not  blend 
smoothly.  The  widely  ranging  subjects  disguised  any  shared  themes,  and  the  editorial 
wrapper  at  either  end  failed  to  provide  a  clear  path. 

Overall,  Conflict  and  Cooperation  in  the  Global  Commons  provides  many  excellent 
thoughts,  but  Jasper  may  have  overreached  his  goal  in  his  desire  to  fit  everything  into  a  single 
work.  The  two  articles  singled  out  above  are  definitely  highlights,  but  all  were  relatively  well 
written  and  concise.  As  an  Air  Force  officer  dealing  with  many  A2/AD  issues,  I  would  have 
liked  more  emphasis  on  potential  strategic  considerations.  Future  conflicts  will  turn  on  those 
strategic  elements  bridging  the  commons  and  they  were  rarely  mentioned.  The  text  whets 
the  appetite  for  those  challenging  and  complex  issues  waiting  within  the  commons,  but  the 
main  course  never  materialized. 

Lt  Col  Mark  Peters,  USAF 

Senior-rated  cyberspace  operator 
Wright-Patterson  AFB,  Ohio 


Disclaimer 

The  views  and  opinions  expressed  or  implied  in  SSQare  those  of  the  authors  and  are  not 
officially  sanctioned  by  any  agency  or  department  of  the  US  government.  We  encourage  you  to 
send  comments  to:  strategicstudiesquarterly@us.af.mil. 
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The  Generals:  American  Military  Command  from  World  War  II  to  Today 

by  Thomas  E.  Ricks.  Penguin  Press,  2012,  466  pp. 

Tom  Ricks  is  imminently  qualified  to  write  such  a  book  as  The  Generals.  This  widely 
published  author  has  an  extensive  background  in  military  affairs  and  knowledge  of  civil- 
military  relations.  This  book  does  not  disappoint.  It  is  in  fact  two  books  in  one.  The  stated 
thesis  is  that  military  leaders  should  discipline  their  subordinates  by  relieving  them  rather 
than  prolonging  incompetence  to  the  point  of  having  civilian  leaders  take  that  action. 
The  book  is  also  a  treatise  on  the  shortcomings  of  Army  leaders  over  time  and  critiques 
attempts  by  the  Army  to  change  its  process  for  selecting  and  protecting  general  officers. 

The  five-part  tome  opens  with  what  Ricks  terms  “the  Marshall  system,”  beginning  in 
World  War  II.  The  following  four  parts  are  comparisons  to  Korea,  Vietnam,  the  interwar 
period,  and  the  Middle  East/Southwest  Asia  wars  since  1990.  Under  GEN  George  C. 
Marshall,  senior  officers  were  in  many  cases  relieved  without  prejudice  and  given  other 
assignments  as  rehabilitation  (or  punishment)  before  being  offered  another  chance.  Mar¬ 
shall  preferred  senior  leaders  who  could  produce  results,  which  required  competence  and 
performance.  He  also  expected  senior  officers  to  remain  apolitical  but  become  politically 
astute.  With  the  high  stakes  of  World  War  II,  leaders  were  expected  to  perform  rapidly  or 
be  relieved  by  their  immediate  commander.  Subsequent  to  that  war,  according  to  Ricks, 
the  Army  drifted  from  the  Marshall  system,  and  the  results  were  devastating.  He  notes 
many  examples  from  Korea,  most  notable  the  firing  of  Douglas  MacArthur  by  President 
Truman,  but  saves  his  most  convincing  examples  for  Vietnam  when  the  Army  abandoned 
any  semblance  of  Marshall’s  system.  During  this  period  the  Army  descended  into  an  or¬ 
ganization  of  risk  aversion,  micromanagement,  conformity,  caution,  and  lack  of  moral 
courage  (see  p.  257  for  exchanges  between  the  president  and  the  joint  chiefs). 

After  Vietnam  the  Army  began  rebuilding  its  image,  but  that  effort  focused  on  tacti¬ 
cal  levels  of  fighting — particularly  against  the  Soviets  in  Europe — rather  than  strategic 
and  operational  levels  of  war.  While  some  senior  leaders  within  the  Army  tried  to  change 
this  focus,  most  of  their  efforts  were  stymied.  Thus,  most  of  the  senior  generals  leading  the 
Middle  East/ Southwest  Asia  wars  were  trained  tactically  for  the  wrong  war  and  lacked  the 
“flexibility  of  the  mind”  both  Marshall  and  Clausewitz  insisted  upon.  Ricks’  evaluation 
of  the  post-World  War  II  conflicts  shows  that  far  too  many  senior  leaders  were  allowed 
to  remain  in  command  despite  glaring  deficiencies  in  understanding  the  context  of  the 
conflicts. 

There  is  not  much  to  criticize  in  Ricks’  book,  but  several  issues  bear  consideration. 
First,  there  is  no  discussion  on  the  impact  of  the  1986  Goldwater-Nichols  law  and  how 
this  impacted  civil-military  relations.  In  some  respects  this  law  increased  the  number  of 
general  officers  reporting  directly  to  the  civilian  leadership — without  a  senior  military 
boss.  Ricks  cites  two  examples  in  the  work  (Generals  Dugan  and  Woerner)  that  in  fact 
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did  not  report  to  military  leaders  and  thus  were  correctly  relieved  by  their  a  civilian  boss. 
Secondly,  the  context  of  the  number  and  age  of  military  leaders  in  World  War  II  relative 
to  the  size  of  the  Army  today  should  be  considered.  Did  Marshall  have  a  deeper  “bench” 
from  which  to  “hire  and  fire?”  Surely  he  did,  and  perhaps  this  made  it  easier  to  execute  his 
system.  Additionally,  relative  to  the  size  of  the  Army  today,  civilian  oversight  is  also  larger 
than  in  the  past  and  could  account  for  the  increase  in  civilian  meddling — regardless  of  the 
actions  of  senior  military  commanders. 

The  second  thesis  of  this  book — shortcomings  of  Army  generals — may  be  just  as  im¬ 
portant  given  the  Marshall  system  basis.  Most  of  the  work  is  a  critique  of  the  foibles  of 
senior  Army  leaders,  and  this  creates  some  imbalance  by  presenting  more  extensive  evi¬ 
dence  to  this  effect.  The  last  section,  covering  the  latest  Middle  East/Southwest  Asia  wars, 
is  understandably  shallower  than  the  previous  sections  due  to  the  timing  of  publication. 
Coverage  of  Lt  Gen  Ricardo  Sanchez  is  adequate  and  relevant  to  the  thesis,  but  that  of 
Generals  McCrystal  and  Petraeus  lacks  the  same  level  of  detail.  None  of  these  critiques 
detract  materially  from  the  keen  insights  provided  about  how  the  US  Army  and  the  other 
services  should  grow  senior  leaders,  nor  do  they  invalidate  the  usefulness  of  a  Marshall- 
type  system. 

Ricks  offers  many  suggestions  on  the  best  ways  to  restore  US  military  leadership.  He 
intimates  the  transformation  should  begin  with  education,  particularly  advanced  schools 
for  midcareer  officers  and  rigorous  war  colleges  for  more  senior  officers.  This  is  surprising 
given  his  penchant  of  PME  bashing.  But  these  institutions  will  help  create  and  educate 
the  kinds  of  officers  who  have  the  flexibility  of  mind  Marshall  expected.  Ricks  also  rec¬ 
ommends  the  services  offer  second  or  even  third  chances  to  certain  officers  rather  than 
being  a  “one  mistake”  organization — although  he  thinks  this  will  be  difficult  to  pursue  in 
our  current  environment.  The  services  should  focus  on  performance,  innovation,  account¬ 
ability,  and  a  greater  tolerance  for  risk  taking — an  implication  of  the  “second  chance” 
system.  Finally,  Ricks  suggests  that  relief  should  not  be  seen  as  a  failure  of  the  system,  but 
rather  a  strength  of  the  system,  and  it  should  be  acknowledged  publicly  to  prevent  any 
misconceptions. 

The  Generals  is  a  very  enjoyable  read  and  particularly  useful  for  those  officers  and  civil¬ 
ians  from  midcareer  to  senior  levels.  Even  though  the  content  is  Army-centric,  it  may 
well  be  one  of  the  best  books,  along  with  Cohens  Supreme  Command,  for  newly  minted 
general  officers  to  read  before  assuming  their  new  rank  and  position. 

W.  Michael  Guillot 

Editor,  Strategic  Studies  Quarterly 


Disclaimer 

The  views  and  opinions  expressed  or  implied  in  SSQ  are  those  of  the  authors  and  are  not 
officially  sanctioned  by  any  agency  or  department  of  the  US  government.  We  encourage  you  to 
send  comments  to:  strategicstudiesquarterly@us.af.mil. 
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International  Law,  International  Relations,  and  Global  Governance  by 
Charlotte  Ku.  Routledge,  2012,  228  pp.,  $130.00. 

The  title  of  Charlotte  Ku’s  latest  book  leaves  little  to  the  imagination.  The  professor  of  law 
and  assistant  dean  for  graduate  and  international  legal  studies  at  the  University  of  Illinois  Col¬ 
lege  of  Law  provides  a  relatively  thorough,  if  not  overly  pedantic,  breakout  of  how  inter¬ 
national  relations  and  international  law  are  conducted  in  todays  global  environment  and 
how  they  shape  global  governance.  She  urges  the  development  of  a  broader  understanding 
of  the  needs  of  governance  in  a  global  environment. 

Ku  postulates  that  the  current  world  order  has  entered  a  post-Westphalian  stage  where  the 
dominant  governing  body  is  no  longer  the  sovereign  state.  Instead,  we  have  entered  a  stage 
where  international  organizations  (IO),  nongovernment  organizations  (NGO),  and  even 
individuals  play  roles  along  with  the  state  in  what  she  describes  as  global  governance.  Ku 
examines  global  governance  from  a  normative  theoretical  lens.  She  sees  things  as  how  they 
ought  to  be  in  contrast  to  the  realist  who  may  view  the  same  thing  from  a factual  perspec¬ 
tive,  leading  her  entire  book  to  take  a  generally  positive  view  of  how  states,  IOs,  NGOs,  and 
individuals  interact  to  form  global  governance. 

Her  introduction  sets  the  stage  for  the  rest  of  the  book  by  describing  the  current  im¬ 
petus  for  this  new  global  governance.  Ku  suggests  the  application  of  technology  and  the 
expansion  of  cross-border  interaction  have  effectively  changed  how  states  relate  to  one 
another.  This  change  has  had  the  added  effect  of  creating  an  increased  interdependence 
among  countries  and  a  deep  intersection  that  has  made  it  much  harder  for  one  entity  to 
rule.  Additionally,  she  believes  states  face  an  erosion  of  their  authority  combined  with  a 
growing  sentiment  of  distrust  among  their  own  citizens.  This  has  led  to  a  loss  of  their 
competitive  advantage  over  other  possible  forms  of  governance. 

To  support  her  thesis,  Ku  meticulously  examines  how  state  and  international  players 
have  developed  over  the  years  and  considers  how  international  law  and  international  rela¬ 
tions  contribute  to  understanding  these  developments.  Her  book  is  full  of  examples  of 
how  IOs,  NGOs,  and  individuals  may  interact  with  the  state  and  shape  state  behavior. 
Without  a  doubt,  she  provides  significant  evidence  to  show  that  states  function  much 
differently  than  they  did  even  100  years  ago.  Some  examples  include  how  states  need  to 
legitimize  the  application  of  force  by  receiving  the  endorsement  of  an  IO,  how  they  turn 
to  NGOs  as  sources  of  information  and  guidance  related  to  a  variety  of  different  subjects, 
how  they  may  be  faced  by  legal  challenges  from  their  own  citizens,  or  how  they  may  in¬ 
corporate  international  legal  decisions  into  domestic  law. 

Despite  these  many  examples,  Kus  argument  of  a  developing  global  governance  is 
somewhat  undermined  by  the  fact  that  she  never  fully  defines  governance  or  what  gov¬ 
ernance  entails.  Instead,  her  book  focuses  mostly  on  substantiating  that  states  function 
differently  in  relation  to  other  global  bodies,  but  it  is  not  necessarily  clear  what  that  means 
in  relation  to  global  governance.  While  various  international  parties  may  have  greater 
interaction  with  the  state,  this  interaction  involves  concepts  that  are  more  related  to  how 
these  organizations  and  legal  manifestations  induce  behavior  rather  than  how  they  are 
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codified  in  some  type  of  global  governance.  She  highlights  three  elements  of  governance 
that  include  power,  authority,  and  legitimacy,  focusing  mostly  on  legitimacy.  Although 
Ku  provides  a  number  of  examples  showing  that  states  interact  with  or  adjust  behavior 
in  response  to  a  variety  of  different  global  actors,  this  does  not  necessarily  constitute  the 
manifestation  of  a  new  global  governance.  In  some  respects,  much  of  what  Ku  outlines 
can  be  described  more  as  effective  global  activism  as  opposed  to  global  governance. 
Without  a  definition  of  governance,  readers  are  left  to  question  whether  the  suprem¬ 
acy  of  the  sovereign  state  is  actually  being  supplanted. 

The  biggest  problem,  however,  with  Ku’s  argument  relates  to  her  normative  lens,  which 
generally  sees  her  conception  of  global  governance  developing  as  things  ought  to  be.  Ku 
rejects  the  idea  that  IOs  are  the  agents  of  their  member  states  and  value-free  and  promotes 
the  idea  that  they  are  actually  founded  on  certain  assumptions  that  reflect  liberal  values. 
Although  they  may  be  independent  of  any  state,  she  contends  that  IOs  typically  bear 
the  heavy  imprint,  and  thus  the  value  systems,  of  those  countries  that  founded  them,  to 
include  the  United  States  and  the  countries  of  Western  Europe  and  South  and  Central 
America,  among  others.  Much  of  her  argument  is  based  in  Western  democratic  ideals  and 
concepts,  which  ignores  that  a  great  number  of  the  players  involved  in  the  politics  and  di¬ 
rection  of  IOs  include  states  that  lack  dedication  to  liberal  values.  This  becomes  incredibly 
important  when  considering  the  role  that  both  China  and  Russia  play  in  the  international 
arena.  Both  countries  cling  to  the  Westphalian  concept  of  noninterference,  and  their  in¬ 
fluence  over  global  politics  is  arguably  becoming  stronger  relative  to  a  weakening  West. 
Any  argument  postulating  the  development  of  a  global  governance  liberally  based  in  IOs, 
NGOs,  and  individuals  needs  to  address  how  these  two  countries  will  function,  shape,  or 
be  shaped  by  global  governance  and  fall  into  any  such  global  governance. 

Ultimately,  Ku’s  book  was  written  for  a  specific  audience  interested  in  expanding 
its  knowledge  of  the  interaction  between  international  law  and  international  relations 
as  it  relates  to  the  complexities  of  global  governance.  The  average  reader  is  likely  to 
find  the  book  overly  academic  and  beyond  the  requirements  necessary  to  provide  a 
basic  understanding  of  international  law,  international  relations,  and,  in  turn,  global 
governance.  As  for  the  average  Air  Force  reader,  the  book  may  provide  some  in¬ 
sights  into  the  nature  of  global  politics  that  would  affect  the  application  of  airpower, 
whether  in  pursuit  of  objectives  specifically  central  to  US  national  security  or  as  part 
of  an  internationally  endorsed  humanitarian  operation.  But  the  academic  nature  of 
the  book  may  go  beyond  what  the  average  reader  seeks.  Although  insightful,  Ku’s 
book  is  probably  best  left  for  students  of  international  law  and  international  relations. 

1st  Lt  Joshua  D.  Bower,  USAF 

Travis  AFB,  California 
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